The iPhones of 36 journalists from the Qatari Al Jazeera channel were hacked for espionage. According to the Citizen Lab, hackers exploited the KISMET bug through iMessage. KISMET was a 0 day error that lasted for almost a year.
The Al Jazeera journalists’ iPhone hack was carried out using Pegasus spyware from NSO Group. Four of the NSO Group’s customers are originally from Saudi Arabia and the United Arab Emirates. In at least two cases, the hacking took place at the behest of governments.
A bug in iMessage for the Al Jazeera journalists’ iPhone hack
According to Citizen Lab, the iPhone hack was made possible by content sent discreetly by iMessage. A simple reception was enough to activate the error. The iPhones were then in contact with servers to transfer data. The journalists were unaware that the process was being carried out in the background.
The spyware can pick up audio from the iPhone microphone, including extracting audio from encrypted phone calls. It can also take photos, track the location of the device, and access passwords.
The NSO group said it was unaware of Citizen Lab’s claims. He makes sure that he doesn’t have access to the data of the targets (the journalists here). The group said it investigates all cases where there is “credible evidence of abuse” by customers. He adds that his tool is only intended for tracking down criminals. Apple said it couldn’t independently review Citizen Lab’s work. However, the manufacturer says the attack was “very targeted” and is still tricking users into installing the latest version of iOS.
The hack took place in the summer. According to Citizen Lab, iOS 14 appears to be blocking the iMessage vulnerability.