BY RAPHAEL SATTER AND DANIELLA CHESLOW
PARIS (AP) — A botched attempt to break into the iPhone of an Arab activist using hitherto unknown espionage software has trigged a global upgrade of Apple’s mobile operating system, researchers said Thursday.
The spyware took advantage of three previously undisclosed weaknesses in Apple’s mobile operating system to take complete control of iPhone devices, according to reports published Thursday by the San Francisco-based Lookout smartphone security company and internet watchdog group Citizen Lab. Both reports fingered the NSO Group, an Israeli company with a reputation for flying under the radar, as the author of the spyware.
“The threat actor has never been caught before,” said Mike Murray, a researcher with Lookout, describing the program as “the most sophisticated spyware package we have seen in the market.”
The reports issued by Lookout and Citizen Lab – based at the University of Toronto’s Munk School of Global Affairs – outlined how an iPhone could be completely compromised with the tap of a finger, a trick so coveted in the world of cyberespionage that in November a spyware broker said it had paid a $1 million dollar bounty to programmers who’d found a way to do it. Such a compromise would give hackers full control over the phone, allowing them to eavesdrop on calls, harvest messages, activate cameras and microphones and drain the device of its personal data.