Apple has issued a new software update after alleged spyware that could compromise the iPhone was reported in the Middle East.
The apparent weaknesses in iOS – the software that runs on the iPhone – were reported after a failed attempt to hack the phone of an activist in the region via a text message containing a malicious link.
Instead of tapping on the link, Ahmed Mansoor reported it to online watchdog group Citizen Lab and security firm Lookout, who uncovered previously undiscovered vulnerabilities in iOS.
In a statement on the malware, Citizen Lab said: “Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements.
“We are not aware of any previous instance of an iPhone remote jailbreak used in the wild as part of a targeted attack campaign, making this a rare find.”
The malware would have been able to do this by remotely “jailbreaking” Mansoor’s phone and then installing the spyware.
Jailbreaking is the practice of manually removing some of the software restrictions Apple builds into the iPhone, enabling those who do it to install apps from any source rather than just the App Store. Unsurprisingly it is something Apple actively encourages users to not do.
Citizen Lab added that it was likely the software had been produced by NSO Group, an Israeli company that it is claimed specialises in “cyber warfare” and offers solutions to governments and intelligence firms which can monitor and extract data from targets, according to Privacy International.
Citizen Lab and Lookout said they informed Apple of their findings last week, enabling the technology giant to move quickly to fix the issues, resulting in iOS 9.3.5 being rolled out on Thursday.