iPhones of around 36 Journalists at Al Jazeera news organisation have been hacked by nation-sponsored hackers who sent malware laden iMessages. The attackers who are suspected to be backed by the governments of the United Arab Emirates and Saudi Arabia, exploited a zero-day vulnerability in iMessage which was later fixed by Apple.
In a technical report, experts have stated that the Journalists' iPhones were snooped on by attackers who employed NSO's Pegasus software to deploy spyware onto the iPhones of 36 journalists, executives and producers at the news agency, Al Jazeera.
Pegasus is a modular malware developed by the Israeli firm NSO which is used for surveillance purposes and has also been linked to surveillance abuse at multiple occasions. The spyware allows hosts to remotely monitor and exploit devices. Reportedly, the attack took place invisibly and it didn't require the attackers to trick the victims into clicking on a malicious link – as opposed to conventional ways of deploying malware.
While examining one of the victim's device, researchers discovered that spyware was deployed secretly through iMessage and was able to take images using iPhone's camera, access passwords, and victim's location. Besides, it's likely that the spyware was also recording phone calls and microphone.
As per the researchers at Citizen Lab, a total of four operators belonging to Pegasus were observed to have assisted the hack. Two of the operators namely SNEAKY KESTREL and MONARCHY are suspected to be having links with the governments of Middle Eastern countries; to the UAE and Saudi Arabia, respectively.
According to the reports by Citizen Lab, "In July and August 2020, government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The personal phone of a journalist at London-based Al Araby TV was also hacked."
"The phones were compromised using an exploit chain that we call KISMET, which appears to involve an invisible zero-click exploit in iMessage. In July 2020, KISMET was a zero-day against at least iOS 13.5.1 and could hack Apple’s then-latest iPhone 11."
"We do not believe that KISMET works against iOS 14 and above, which includes new security protections. All iOS device owners should immediately update to the latest version of the operating system," the report further read.