An Israeli digital arms company has prompted tech giant Apple to boost security for its mobile operating system after developing a highly sophisticated spyware package that allows complete control of iPhone devices.
The spyware — code-named Pegasus — took advantage of previously undisclosed weaknesses in Apple’s mobile operating system, iOS 9.3.5., according to reports published Thursday by the San Francisco-based Lookout smartphone security company and internet watchdog group Citizen Lab.
The software can track calls and contacts, collect passwords, read text messages and emails, record calls and trace the whereabouts of the user.
The culprit, according to the reports by Lookout and Citizen Lab, is the NSO Group, an Israeli company with a reputation for flying under the radar.
“We realized that we were looking at something that no one had ever seen in the wild before,” said Mike Murray, a researcher with Lookout, in an interview with Motherboard. “Literally a click on a link to jailbreak an iPhone in one step. One of the most sophisticated pieces of cyberespionage software we’ve ever seen.”
The reports issued by Lookout and Citizen Lab — based at the University of Toronto’s Munk School of Global Affairs — outlined how an iPhone could be completely compromised with the tap of a finger, a trick so coveted in the world of cyberespionage that in November a spyware broker said it had paid a $1 million dollar bounty to programmers who’d found a way to do it.
Arie van Deursen, a professor of software engineering at Delft University of Technology in the Netherlands, said both reports were credible and disturbing. Forensics expert Jonathan Zdziarski described the malicious program as a “serious piece of spyware.”
The NSO Group was founded in Herzliya in 2010 by Omri Lavie and Shalev Hulio, alumni of the elite IDF intelligence unit 8200, according to Forbes. The company was bought two years ago — for $120 million — by San Francisco-based Francisco Partners Management LLC but maintains an office in Israel, staffed mainly with Israelis.
An attempted hack
The discovery of the spyware began with a botched attempt to break into the iPhone of an Arab activist in the United Arab Emirates.
Ahmed Mansoor, a well-known human rights defender, first alerted Citizen Lab to the spyware after receiving an unusual text message on Aug. 10. Promising to reveal details about torture in the United Arab Emirates’ prisons, the unknown sender included a suspicious-looking link at the bottom of the message.
Mansoor wasn’t convinced. Not only had he been imprisoned, beaten, robbed and had his passport confiscated by the authorities over the years, he had also repeatedly found himself in the crosshairs of electronic eavesdropping operations. In fact Mansoor already had the dubious distinction of having weathered attacks from two separate brands of commercial spyware. And when he shared the suspicious text with Citizen Lab researcher Bill Marczak, they realized he’d been targeted by a third.
Marczak, who’d already been looking into the NSO Group, said he and fellow-researcher John Scott-Railton turned to Lookout for help picking apart the malicious program, a process which Murray compared to “defusing a bomb.”
“It is amazing the level they’ve gone through to avoid detection,” he said of the software’s makers. “They have a hair-trigger self-destruct.”
In a statement which stopped short of acknowledging that the spyware was its own, the NSO Group said its mission was to provide “authorized governments with technology that helps them combat terror and crime.”
“The agreements signed with the company’s customers require that the company’s products only be used in a lawful manner,” the statement read. “Specifically, the products may only be used for the prevention and investigation of crimes.”
The company said that it “does not operate the software for its clients, it just develops it,” according to Channel 2.