PARIS — A botched attempt to break into the iPhone of an Arab activist using unknown espionage software has triggered a global upgrade of Apple's mobile operating system, researchers said Thursday.
The spyware took advantage of three previously undisclosed weaknesses in Apple's mobile operating system to take complete control of iPhone devices, according to reports published Thursday by the San Francisco-based Lookout smartphone security company and Internet watchdog group Citizen Lab. Both reports pointed to the NSO Group, an Israeli company with a reputation for flying under the radar, as the author of the spyware.
"The threat actor has never been caught before," said Mike Murray, a Lookout researcher, describing the program as "the most sophisticated spyware package we have seen in the market."
The reports issued by Lookout and Citizen Lab outlined how an iPhone could be completely compromised with the tap of a finger, allowing hackers to eavesdrop on calls, harvest messages, activate cameras and microphones and drain a device's personal data.
Apple said in a statement it fixed the vulnerability immediately after learning about it, but the security hole may have gone unpatched had it not been for the wariness of a human rights activist in the United Arab Emirates.
Ahmed Mansoor first alerted Citizen Lab to the spyware after receiving an unusual text message Aug. 10. Promising to reveal details about torture in the United Arab Emirates' prisons, the unknown sender included a suspicious-looking link at the bottom of the message.
Mansoor shared the suspicious text with Citizen Lab researcher Bill Marczak, who had already been looking into the NSO Group. Marczak said he and fellow researcher John Scott-Railton turned to Lookout for help picking apart the malicious program, a process Murray compared to "defusing a bomb."
"It is amazing the level they've gone through to avoid detection," he said of the software's makers. "They have a hair-trigger self-destruct."
Working feverishly over a two-week period, the researchers found Mansoor had been targeted by an unusually sophisticated piece of software that likely cost a small fortune to arm.
In a statement stopping short of acknowledging the spyware was its own, the NSO Group said its mission was to provide "authorized governments with technology that helps them combat terror and crime."