Most mobile phone owners in the Middle East will be familiar with the frustration caused by unwanted and junk SMS messages.
Ahmed Mansour, a human rights defender from the UAE, certainly is. Earlier this month, he received a text that promised to reveal secrets about detainees if he clicked on a link. He didn’t take the bait – but what happened next is alarming.
Instead he sent the message to Citizen Lab, a Canada-based technology laboratory. They made an alarming discovery: the message link had the power to turn the iPhone into a sophisticated spying tool, using the camera and microphone on Mansour’s phone to record his conversations, track his movements, and monitor his messages.
Researchers believed the hack had been developed by NSO group, an Israeli company that sells governments what are known as “lawful intercept” tools. It would have linked to a chain of what’s known as “zero-day” exploitations in the phone’s system – vulnerabilities that would be shared by all iphones.
That means that anyone’s iPhone could be vulnerable to being hacked in a similar way – that is, if you don’t install an update that Apple have released to counter the threat.
As soon as Citizen Lab discovered the hack, they notified Apple and the tech giant quickly developed an update to address it. The update can be found through the settings function on your iPhone.
“We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5,” Apple said in a statement. “We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits.”
This particular threat is rare and appears to have been stopped in its tracks for now. But that doesn’t mean you can take phone security for granted. Citizens Lab warned that the case demonstrates the danger of private firms creating lawful hacking tools which are then used for illegal means – and suggested the UAE government was likely behind the hack, too.
© 2000 - 2019 Al Bawaba (www.albawaba.com)