Researchers have discovered a scarily effective piece of malware, authored by an Israeli “cyber arms dealer,” that can completely hack an iPhone if the user clicks on one link. First found by a UAE human rights defender who was sent a malicious link, the spyware uses a series of zero-day exploits to thoroughly take control of a user’s iPhone.
Ahmed Mansoor, the human rights defender in question, was sent the link earlier in August. It arrived in a text message that promised him information if he followed the link. Instead, he sent the link to researchers at Citizen Lab, who analyzed the malware that the link installs.
The spyware uses three zero-day exploits to jailbreak any stock iPhone, allowing secret access to data on the device and monitoring of the microphone and camera. In a blog post, the researchers say they discovered links to a private Israeli firm:
“We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based “cyber war” company that sells Pegasus, a government-exclusive “lawful intercept” spyware product. NSO Group is reportedly owned by an American venture capital firm, Francisco Partners Management.”
Apple has been informed of the zero-day exploits, and has already fixed them. iOS 9.3.5, out today, is basically just a security update that patches those holes.
It’s not just about those three exploits, though: the more worrying fact is that for enough money, anyone seems to be able to buy a hacking tool that can easily penetrate the most common smartphone in the world.
For now, the basic principles of staying safe on the internet remain the same: never click on a link unless it’s sent from a specifically trusted source.