Employees Of Qatari State-Owned News Channel Targeted By An Israeli Spyware

22/12/2020

In the modern days of the internet and technology, surveillance and spying don't require close encounters.

Gone are the days when spies were sent across borders behind "enemy lines" to gather information about targets. With the internet, anyone with the right set of tools and knowledge can conduct espionage that spans the entire world.

And this time, at least 36 Al Jazeera journalists, producers, anchors, and executives, along with a journalist at London-based Al Araby TV, had their iPhones hacked using a no-user-interaction vulnerability in the iOS iMessage app, according to an academic research group.

Citizen Lab, a cybersecurity and human rights abuse research group at the University of Toronto, reported that the zero-day was part of an exploit chain named Kismet, created and sold by NSO Group, an infamous developer of spyware and surveillance products.

Researchers claim that NSO sold the Kismet hacking tool to at least four clients, who have used it since at least October 2019 to hack the personal iPhones of news agencies' employees.

It began when one Al Jazeera journalist named Tamer Almisshal was concerned that his iPhone had been compromised, and asked Citizen Lab for assistance. This prompted the researchers to start monitoring his iPhone and investigate.

The researchers then discovered that Almisshal’s phone initiated an internet connection to an NSO server, even though Almisshal said that he never clicked on any suspicious links.

The researchers at Citizen Lab found that the phone connected to the NSO server after it was infected with apparently malicious code delivered through Apple’s servers. Once infected, the phones secretly sent logs to the NSO server, including data recordings from the microphone and phone calls, photos taken using the phone’s camera, passwords that had been typed, as well as location data.

The researchers then found technical evidence that not only had Almisshal’s phone been infiltrated, but his colleagues had been targeted too.

Furthermore, the case is alleged to be at least partly political.

Citizen Lab has previously published reports claiming that NSO developed hacking tools that have been used beyond the scope of law enforcement investigations to not only track down terrorists and criminals, but to also track down political rivals, dissidents, journalists, clergy and activists in countries such as Morocco, Mexico, Saudi Arabia, Togo, Spain, the UAE, and others.

As for Al Jazeera, the Qatar-based news agency is believed to have been targeted due to the strained political relations between Qatar and its neighboring countries.

Back in 2017, Saudi Arabia, the UAE, Bahrain, and Egypt cut off their diplomatic relations with Doha, Qatar, and during this time, Al Jazeera published several reports that were critical of the four countries.

In response, at least two of the four countries blocked Al Jazeera's website from being shown to their citizens.

The allegation by Citizen Lab marks yet another alleged human rights violation involving NSO’s software on behalf of its clients.

NSO Group's office in Herzliya, Israel. (Credit: NSO Group/Google Maps)

The report also raises troubling questions about the apparent vulnerability of the iPhone, for which Apple has sought to promote a reputation for security and commitment to privacy, as well as a renewed focus on the shadowy world of surveillance spyware.

At the time the attacks were discovered, researchers at Citizen Lab said that the Kismet exploit tool worked on “almost all” iPhone devices using an operating system that pre-dated Apple’s iOS 14, which appears to have fixed the vulnerability.

Through iOS 14, Apple introduced several security features and enhancements that apparently managed to patch the zero-day bug.

“At Apple, our teams work tirelessly to strengthen the security of our users’ data and devices. iOS 14 is a major leap forward in security and delivered new protections against these kinds of attacks. The attack described in the research was highly targeted by nation-states against specific individuals. We always urge customers to download the latest version of the software to protect themselves and their data,” said an Apple spokesperson, after the iPhone maker was notified about the issue.

As for the NSO Group, the company's spokesperson called Citizen Lab's report "speculation" that lacked any evidence "supporting a connection to NSO."

“As we have repeatedly stated we do not have access to any information with respect to the identities of individuals our system is used to conduct surveillance on. However, where we receive credible evidence of misuse, combined with the basic identifiers of the alleged targets and timeframes, we take all necessary steps in accordance with our product misuse investigation procedure to review the allegations,” a spokesperson for NSO Group said, declining to say whether Saudi Arabia or the UAE were its clients.

The company said that it only sells surveillance tools to law enforcement agencies, and that it is unable to determine what its clients do with the tools.

Responding to NSO, Citizen Lab said that it stood by its findings.

Previously, the NSO Group spyware was allegedly used to target individuals through a vulnerability in WhatsApp.