Zero-click iPhone hack targets dozens of journalists, report says – CNET

apple-logo-6223

Angela Lang/CNET

Dozens of Al Jazeera journalists had their iPhones hacked this summer by state-backed attackers who targeted a so-called zero-click flaw in iMessages, according to a report published Sunday by The Citizen Lab. The phones were reportedly hacked using advanced spyware from Israeli company NSO Group.

Citizen Lab, an academic research lab based at the University of Toronto, said the phones were compromised using an “invisible zero-click exploit in iMessage” that was present in at least iOS 13.5.1. The group said it worked with Al Jazeera and found a total of 36 personal iPhones were hacked, including those belonging to anchors and executives. 

The journalists were hacked by four operators using spyware from NSO Group, according to Citizen Lab, which concluded with “medium confidence” that two attackers were working on behalf of the Saudi Arabian and UAE governments.

NSO Group pushed back on the Citizen Lab report in a statement on Monday, saying the group made assumptions to support its own agenda. 

“This memo is based, once again, on speculation and lacks any evidence supporting a connection to NSO,” said an NSO spokesperson in an emailed statement. “NSO provides products that enable governmental law enforcement agencies to tackle serious organized crime and counterterrorism only, and as stated in the past we do not operate them.”

The attack reportedly doesn’t work against iOS 14, which was released in September and includes new security protections. Apple said it hasn’t been able to independently verify Citizen Lab’s research, but noted that attacks developed by NSO Group generally aren’t targeted at average iPhone customers. 

“At Apple, our teams work tirelessly to strengthen the security of our users’ data and devices. iOS 14 is a major leap forward in security and delivered new protections against these kinds of attacks,” said an Apple spokesperson in an emailed statement. “The attack described in the research was highly targeted by nation-states against specific individuals.”