An Israeli technology company has been accused of creating and supplying an aggressive interception program capable of taking over Apple’s iPhones and turning them into remote spying devices, after it was allegedly used to target a Middle Eastern human rights activist and others.
The discovery, announced on Thursday, prompted Apple to issue an urgent software update to block the exploitation.
The spyware, which is lawful, was identified by the University of Toronto’s Citizen Lab, after Ahmed Mansoor, who in the past has been arrested, tortured and prevented from travelling abroad, sent the lab a suspicious link that had been texted to him.
Mansoor, who had previously been the target of attempted hacks, said he was sent text messages on his iPhone on 10 and 11 August promising “new secrets” about detainees tortured in UAE jails if he clicked on the link provided. Instead, he forwarded them to the Toronto-based researchers.
“We recognised the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based ‘cyber war’ company that sells Pegasus, a government-exclusive ‘lawful intercept’ spyware product,” Citizen Lab said in a statement.
“Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements.”
Israeli government agencies and private tech firms have aggressively embraced cyber warfare both for spying and launching attacks, with officials in the past boasting they believe they are 15 years ahead of the rest of the world in the field of military cyber capability.
Mansoor is an internationally recognised human rights defender and a recipient of the Martin Ennals award – sometimes referred to as a “Nobel prize for human rights”.