“Security researchers say a little-known Israeli startup exploited previously unknown bugs in Apple Inc.’s smartphone software to help foreign governments spy on their citizens,” Robert McMillan reports for The Wall Street Journal. “The researchers say the surveillance software was the work of NSO Group Technologies Ltd., which sells primarily to government agencies. The researchers, at Citizen Lab, a group that investigates surveillance technology, and at mobile-security firm Lookout Inc., say they discovered the software in a link sent earlier this month to the phone of Ahmed Mansoor, a human-rights activist in the United Arab Emirates.”
“Their report sheds new light on the capabilities of private security companies to produce sophisticated software for state-sponsored spying,” McMillan reports. “It also suggests that the iOS operating system behind Apple’s iPhones isn’t as impregnable as it appeared earlier this year, when the Federal Bureau of Investigation struggled for weeks and ultimately paid $1 million to unlock a phone tied to the San Bernardino terror attack.”
“NSO Group’s software takes advantage of three previously unknown flaws in iOS to install itself on an iPhone, where it then transforms the phone into a surveillance device, tracking its movements, logging messages and downloading personal data,” McMillan reports. “In a statement Thursday, Apple said it had been ‘made aware of this vulnerability and immediately fixed it.’ The company advised iPhone users to download the new version of iOS, dubbed 9.3.5.”
Read more in the full article here.
MacDailyNews Take: Update to iOS 9.3.5 ASAP.
About the security content of iOS 9.3.5
For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.
Apple security documents reference vulnerabilities by CVE-ID when possible.iOS 9.3.5
Released August 25, 2016Kernel
Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: An application may be able to disclose kernel memory
Description: A validation issue was addressed through improved input sanitization.
CVE-2016-4655: Citizen Lab and LookoutKernel
Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4656: Citizen Lab and LookoutWebKit
Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4657: Citizen Lab and LookoutSEE ALSO:
Apple boosts iPhone security after Mideast spyware discovery; releases iOS 9.3.5 – August 25, 2016
If an Israeli private contractor has such software, you know damn well the NSA already has.
You’re exhibiting more confidence in the judgment of the NSA than usual!
Certainly not any ethical or constitutional confidence, but I have no doubt of their advanced technical prowess in violating the Fourth Amendment…
Edward Snowden is in exile, yet Hillary Merkel walks free….well, dodders free.
I figured the NSA just learned about this software from reading MDN this afternoon.
lol
Agreed, very funny. NSA = not sure anymore whether they know what they’re doing haha 🙂
If they did, someone at the NSA ought to be demoted.
egads, NSA-this and NSA-that. NSA, NSA, NSA ad infinitum.
The malware could not auto install itself, it (the malware) still required user action to get on the user’s iPhone.
Be that as it may, I installed the update anyway. No telling who may use the exploit in the future.
BTW, Ahmed Mansoor is an antisemitic ideologue, not a “human-rights activist”. Its time to move to shut these people down. We need sanity to re-enter the world. Moving back to 15th century islamism is not the answer. Kudos to NSO Group Technologies Ltd!
I have found nothing to confirm him to be an “antisemitic ideologue”. It’s just typical israeli agents would want to surveill and harass an individual engaged in fighting for elementary democratic rights in an arabic islamic oppressive state (and of course a puppet US regime)
@Groucho – typical lib bull hockey. This “individual engaged in fighting for elementary democratic rights” is a islamist and constantly rants against all things Israel – using lies and other typical lib/marxist/progressive tactics. Your blathering about the “puppet US regime” gives you away as a typical self loathing child who’s mind has been made right by the Marxist educators/”journalists” etc out there.
– it astounds me as to how moronic the lib clapping seals can be…
Still only blathering: where are the FACTS asshole saying AM is an antisemite?? I call you on the FACTS!!
So Semite Ahmed Mansoor is anti-Semitic, a self-hating Semite? lol
Luv, perhaps you ought to speak to Trump about the current administration’s use of Muslim members of his administration like Huma, for one.
Somehow the standard press outlets mostly ignore her past.
If we are going to repeal the several clauses of the US Constitution that so foolishly allow free exercise of religion and guarantee equal protection of the laws, I have another group in mind:
Some years ago, a tiny religious minority overthrew the lawful government of a major world power and subjected the adherents of the majority faith to persecution… including the execution or exile of their religious leaders and the conversion of many houses of worship into barracks or stables. Because the lawful chief of state would not abjure the faith of his fathers, they condemned him after a show trial and publicly beheaded him. The radical religious terrorists replaced the constitutional government with a military dictatorship governed by religious “law” that lasted almost 20 years.
When the people finally rose up to overthrow the tyrants, some members of the radical terror sect fled to America, where they continued to indoctrinate their children in religious schools and perpetuate their peculiar beliefs and practices. There are still some of them among us. Rumor has it that one of them is running for President.
They call them Presbyterians.
@TxUser – And your point is…?
Honestly, these lib/marxist clapping seals have serious issues. Poorly educated, unable to evaluate facts, falling in to believe ANYTHING their Marxist leaders tell them (i.e. journalists, elites, movie stars)…
You OBVIOUSLY have absolutely no knowledge of how our Constitutional government is SUPPOSED to work. It is deeper then your simple mind/understanding is obviously capable of.
I will take Presbyterians over Sharia Low and Islamo-nazis ANY day of the week.
@LuvConstitution, you OBVIOUSLY have absolutely no knowledge of hot our Constitutional government ACTUALLY works.
Which is worse? Supposedly not knowing some fantasy theory of how things should work, or not knowing how they actually work in the real world we have to live in?
@Bo – I HONESTLY wish he would listen. We are stuck between a rock and a hard place with this election. We could have done SO much better, but we are stuck with Trump. Clinton would be a disaster several times over Trump though. If she weren’t ABOVE the law (due to our all knowing elites who have DESTROYED our Justice system) she would absolutely rightly be in prison right now.
This is a terrible disgrace, but it points out how far we have fallen. We NO LONGER have a functioning Constitutional government. What we do have is unknown, but where it will lead is clear – more and more central governmental control and less and less personal freedoms. More and more tax burden to pay for fanciful schemes to achieve utopia until we become Greece or Venezuela. And when the collapse STARTS, it will move along VERY QUICKLY.
So very sad…
I got to tell you, I think Hillary Clinton would be very bad for this country (I’m far left of her), but if you think Trump isn’t ALSO an “untouchable elite,” you really need to think a bit harder.
And, Trump doesn’t believe in any of the political principles you probably hold. Given power, he will do whatever makes him feel good about himself at the moment, with no regard for political philosophy or self-destructive outcomes. Isn’t that obvious?
Thank you MDN for posting the CVE details!
I continue to point at the essentially lousy software programming tools we have in the modern era. We’re all hoping that Apple’s Swift programming language tackles the worst of these problems, most particularly bad memory management, to help begin a new era of more secure programming.
The weakest security link in computing? We humans. The problem starts with the programmers who should now better and finishes with the grannies who will never know any better. Our systems are going to have to take into account the Wetware Error and LUSER Factor in order to stop the all-too-easy hacking of everything. Meanwhile, the almost total ignoring of security in the Internet of Things (IoT) is an enormous hindrance and bodes poorly for its success. Example: Get a baby cam and your baby goes on exhibit for the entire Internet to see. That’s horrific.
Sigh. More Apple nagware to update. Just after I installed the previous update, too.
I guess the real question is how many devices that have been loaded with this spyware are out there and does the fix clear it – or do they remain spying devices ?
You can check your device to see if it has been compromised by this malware with the free Lookout app from the App Store:
https://appsto.re/us/zr_6z.i
The update says its 22 Mbytes. It took about 5 hours for the update to install itself on an iPad3. The password had to be entered five or six times during the installation.
The update took around 10 minutes or so to download and install here, on multiple devices. Perhaps your internet connection was slow.
The whole San Bernadino phone unlocking by the police just “theatre” for the masses to believe inthe security of their phone
If you don’t typically click links in text messages from unknown and untrusted people, and you aren’t a high-value target, you are likely unaffected.
Even so, you can check your device to see if it has been compromised by this malware with the free Lookout app from the App Store:
Lookout app:
https://appsto.re/us/zr_6z.i
Just open Lookout, sign up with an email and password, sign in, and if the Security section is green and says “Secure”, your device is not affected.
Lookout believes the vast majority of users will not be impacted by Pegasus given the sophisticated, targeted nature of the attack. Given the high price tag associated with these attacks — Zerodium paid $1
million for an iOS vulnerability last year — we believe this kind of software is very targeted, meaning the purchaser is likely to be both well-funded and specifically motivated.
Lookout BLOG post about this malware:
https://blog.lookout.com/blog/2016/08/25/lookout-trident-pegasus-enterprise-discovery/
This spyware is quite sophisticated, as you can see by reading the technical analysis.
Technical analysis:
Click to access lookout-pegasus-technical-analysis.pdf
For the average iOS user, there’s little to worry about. Update to iOS 9.3.5, and if you are really paranoid that someone with millions of dollars to spend on spyware has targeted little, old you, run the free Lookout app, and you are done. ; )