Journalists hacked by government for 'zero-click vulnerability' hidden in iPhone iMessage

Citizen Lab , a security research institute based at the University of Toronto, Canada, announced on December 20, 2020 that 36 journalists from the Middle East were found to have been the target of hacks involving multiple governments. bottom. The hack is believed to have used a 'zero-click exploit, ' a vulnerability that allows the iPhone to infect spyware without the user doing anything.

The Great iPwn: Journalists Hacked with Suspected NSO Group iMessage'Zero-Click' Exploit --The Citizen Lab

Report: gov't spyware targets phones of Al-Jazeera reporters

Citizen Lab said on December 20, 'From July to August 2020, several government operatives used the spyware Pegasus developed by Israeli IT company NSO Group to be a journalist in Al Jazeera , a television station in the Middle East. It was revealed that they had hacked 36 mobile terminals owned by them. '

NSO Group has been found to be involved in multiple cyberattacks, including hacking journalists and government officials through Facebook's messaging app WhatsApp, which will bring WhatsApp to NSO Group in 2019. Is suing.

WhatsApp sues Israeli tech company over global hacks that have created assassinations and intimidation-GIGAZINE

According to Citizen Lab's research, hacking uses an iMessage exploit called 'KISMET' to spyware targeted iPhone user journalists without receiving suspicious messages or accessing dangerous URLs. He was infected.

Bill Marzac, Principal Investigator at Citizen Lab, said of KISMET: 'This is not only a very scary exploit, but also the legendary Holy Grail that hackers have sought to hack their devices. It is possible to operate another person's terminal normally by using, and there is no need to worry about it being distracted. '

KISMET is said to have been in a zero-day state with no defensive measures, at least for iOS 13.5.1, and it is said that even the latest iPhone 11 at the time of July 2020 could not prevent the attack. In addition, it is said that four Saudi Arabian agents, codenamed 'MONARCHY', and four Pegasus users, including 'SNEAKY KESTREL' in the United Arab Emirates, were involved in this attack.

Citizen Lab said, 'Given the global reach of NSO Group's customer base and the lurking exploits on almost every iPhone prior to iOS 14, this one was just a small part of the KISMET attack. I think it's just too much, 'he said, adding that the damage was even more widespread.

Please note that KISMET is not expected to work on iOS 14 , so Citizen Lab is urging users of all iOS devices to update their OS as soon as possible.

in Mobile,   Security, Posted by log1l_ks