Think Your iPhone is UnHackable? Think Again. Al Jazeera Journalists' iPhones Were Silently Hacked Using Pegasus Spyware

  • By Dawna M. Roberts
  • Dec 22, 2020

iPhone users generally believe that their phones are un-hackable. In many cases, they would be correct. However, although the iOS system is far superior in terms of keeping the bad guys out, it is not infallible. A group of Al Jazeera journalists was hacked using the NSO Zero Click spyware.

What Happened?

First noted by Citizen Lab at the University of Toronto and then later reported by Tech Crunch and BBC News, a group of 36 journalists working for Al Jazeera news were the victims of an attack on their iPhones, allegedly exploiting an (already fixed) bug in iMessage. 

Cybersecurity researchers have traced the attack to an Israeli firm called NSO Group, but they deny the allegations and say there is no proof. However, BBC News reported that "Citizen Lab researchers say they concluded with "medium confidence" that two attackers who had spied on the phones of Al Jazeera journalists were doing so on behalf of the Saudi Arabian and UAE governments."

The researchers further explained that the attack used a zero-day exploit, which Apple was unaware of but that existed in iOS 13.5.1 and affected many Apple iPhones running iOS 11. 

An investigative filmmaker with Al Jazeera, Mr. Almisshal, contacted Citizen Lab and expressed concern that his iPhone was hacked and he was being spied on. Citizen Lab took possession of the device to see what was going on with it.

They soon commented on their findings "We noticed that on 19 July 2020, his phone visited a website that we had detected in our internet scanning as an Installation Server for NSO Group's Pegasus spyware, which is used in the process of infecting a target with Pegasus."

Thankfully the exploit has been fixed and does not work on iOS 14 (the latest version of the iPhone operating system). Apple confirms that the bug was fixed and that iOS 14 is much more secure. BBC quoted a spokesperson from Apple who said, "The attack described in the research was highly targeted by nation-states against specific individuals." We always urge customers to download the latest version of the software to protect themselves and their data."

Another London-based journalist Dridi had the same spyware on her phone but was targeted by the UAE government. Her cellphone was infected and targeted for a longer period of time (best guesses say October 2019 until July 2020). She was quoted as saying, "My life is not normal anymore. I don't feel like I have a private life again. To be a journalist is not a crime.

How Did it Happen?

Unlike a lot of malware and spyware infections, the users themselves never had to click a link or download anything. The attack on the journalists was silent, probably executed through a malicious empty iMessage. 

The report issued by Citizen Lab described the Pegasus spyware and its origins: 

"NSO Group's Pegasus spyware is a mobile phone surveillance solution that enables customers to remotely exploit and monitor devices. The company is a prolific seller of surveillance technology to governments around the world, and its products have been regularly linked to surveillance abuses.

Pegasus became known for the telltale malicious links sent to targets via SMS for many years. This method was used by NSO Group customers to target Ahmed Mansoor dozens of members of civil society in Mexico, and political dissidents targeted by Saudi Arabia, among others. The use of malicious links in SMSes made it possible for investigators and targets to quickly identify evidence of past targeting. Targets could not only "notice" these suspicious messages, but they could also "search" their message history to detect evidence of hacking attempts.

The research on Mr. Almisshal's phone showed that during the summer (July and August), his phone connected to servers that linked back to NGO Group. They also found that his microphone had been accessed and were used to record phone conversations. The spyware also accessed passwords and used the camera to take photos while tracking the phone's locations as well. 

How Can iPhone Users Protect Themselves?

Apple is a staunch believer in security and privacy. The most critical suggestion to users is that they update their operating system immediately to iOS 14 and keep it updated as new releases come out.

  • Additionally, configure the phone's security settings for the highest level.
  • Keep robust anti-malware software on the phone and run it often. 
  • Regularly go through the phone looking for any suspicious activity or apps you don't recognize. 
  • Never click a link or download attachments in an email. That is one of the most common ways phones get infected with malware or spyware. 
About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

What is an Incident Response?

What is an Incident Response?

What is an Incident Response? After a bank heist, the work begins with specialized teams and plans engaged, allowing for analysis of the event, and from this analysis, the bank can prepare a response to the incident.

What is a Social Engineering Attack? Techniques and Ways to Prevent

What is a Social Engineering Attack? Techniques and Ways to Prevent

Everyone has received a spam text or email at some point. Their hallmarks are widely known; they often include poor or strange grammar, suspicious links, suggested connections with companies or people, or random individuals asking for help in some capacity.

Side Channel Attack: Everything You Need To Know

Side Channel Attack: Everything You Need To Know

Every year, millions of people get victimized by data breaches. Criminals steal their data from the network environments of organizations, vendors, providers, institutions, and governments; with ever-increasing frequency, cybercriminals are making big moves in the cyber wars—and making billions of dollars. 

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Exposure Scan
Instantly and Securely Check if Your Personal Information is Exposed on the Dark Web or Sold by Data Brokers
Please enter first name
Please enter last name
Please select a state
Close
Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address
Close