Apple has issued a security update after Israeli malware found to be used to spy on Emirati activists’ iPhones. (Getty Images)
The United Arab Emirates has been accused of purchasing Israeli malware capable of turning Apple’s iPhones into remote spying devices to clamp down voices of dissent.
The revelation was made by the University of Toronto’s Citizen Lab
after human rights activist Ahmed Mansoor sent them a suspicious link which had been sent to him via a text message.
The link claimed to contain “new secrets” about detainees being tortured in UAE
SMS text messages received by Ahmed Mansoor (English: “New secrets about torture of Emiratis in state prisons.”)
“We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based ‘cyber war’ company that sells Pegasus, a government-exclusive ‘lawful intercept’ spyware product,” said Citizen Lab in a statement.
“Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements,” it added.
A purported screenshot of NSO Group’s Pegasus Working Station software, which visualizes location data collected from infected devices.
The lab — which focuses on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security — said that the UAE government was “the likely operator behind the targeting,” and noted that the attack was traced back to software designed by Israel’s NSO Group, which writes and sells spyware to clients, including foreign governments.
The NSO, which is reportedly run by former members of the Israeli army’s Unit 8200 electronic surveillance branch, refrained from commenting whether it had sold the software to Abu Dhabi as they “cannot confirm the specific cases.”
Diagram purported to be NSO Group Pegasus documentation showing the range of information gathered from a device infected with Pegasus
“The agreements signed with the company’s customers require that the company’s products only be used in a lawful manner. Specifically, the products may only be used for the prevention and investigation of crimes,” said NSO spokesman Zamir Dahbash.
The discovery prompted Apple to release an urgent software update aimed at blocking the exploitation used by the spyware.
Human rights activist Ahmed Mansoor shows Associated Press journalists a screenshot of a spoof text message he received in Ajman, United Arab Emirates, on Thursday, August 25, 2016.
Mansoor, a prominent and internationally recognized human rights activist, has been arrested and tortured in the past and has also been the target of sophisticated malware written by a private intelligence firm.
“The targeting of these activists and dissidents is a taste of what’s to come,” Citizen Lab researcher Bill Marczak. “What they’re facing today will be faced by ordinary users tomorrow,” he added.