This summer, iPhones belonging to as many as 36 Al Jazeera journalists were silently infected with malware, according to research released Sunday. They were subjected to silent attacks that appeared to exploit a vulnerability in Apple’s iOS and installed malware on the iOS devices, leaving reporters’ phones open to snooping, the researchers claimed.
Citizen Lab, a University of Toronto research body that tracks surveillance companies, claimed the malware was most likely created by NSO Group, an Israeli spy tech vendor that is currently defending itself in a lawsuit brought by Facebook, over attacks on 1,400 WhatsApp users in 2019. Citizen Lab also claimed with “medium confidence” that the attacks were likely carried out by snoops in Saudi Arabia and the U.A.E., using NSO’s powerful tools.
The malware could record audio from the iPhone microphone, including extracting the audio of encrypted phone calls. It could also take pictures, track device location and access passwords, Citizen Lab said.
Al Jazeera declined to respond to press enquiries, as it was publishing its own report on Sunday. The targeted journalists were based in Doha, Qatar. The attacks were first detected on the iPhone of Tamer Almisshal, an investigative journalist for Al Jazeera’s Arabic language channel. It appeared that the infected devices contained “anomalous communications” with Apple servers, explained Citizen Lab researcher Bill Marczak. In particular, it appeared the spy tools exploited the “imagent” background process on iOS that handles push notifications for FaceTime and iMessages.
The vulnerabilities were patched in iOS 14, Marczak added. Apple said it had been made aware of the matter, but was unable to validate Citizen Lab’s findings. “At Apple, our teams work tirelessly to strengthen the security of our users’ data and devices. iOS 14 is a major leap forward in security and delivered new protections against these kinds of attacks,” a spokesperson said. “The…