Skip To Content
JEWISH. INDEPENDENT. NONPROFIT.
Breaking News

Apple Scrambles To Fix Israeli Firm’s iPhone Hack

— The discovery of an Israeli firm’s secret method of hacking in iPhones and iPads prompted Apple Inc to issue a patch to fix a flaw in the security of its products.

The iPhone hack of the NSO Group, an Israeli company that makes software for governments which can secretly target mobile phones and gather information, was discovered after a prominent United Arab Emirates dissident flagged a suspicious web link sent to his phone, Reuters reported.

The thwarted attack on the human rights activist, Ahmed Mansoor, used a text message that invited him to click on the link but instead of clicking, he forwarded the message to researchers at the University of Toronto’s Citizen Lab.

They discovered that the hack is the first known case of software that can remotely take over a fully up-to-date iPhone 6.

Experts at Citizen Lab worked with security company Lookout and determined that the link would have installed a program taking advantage of a three flaws that Apple and others were not aware of. The researchers disclosed their findings on Thursday.

“Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements,” Citizen Lab wrote in a report released on Thursday.

The researchers said they had alerted Apple a week and a half ago, and the company developed a fix and distributed it as an automatic update to iPhone 6 owners.

Apple spokesman Fred Sainz confirmed that the company had issued the patch after being contacted by researchers.

Tools such as that used by NSO, a remote exploit for a current iPhone, cost as much as $1 million, according to Reuters.

NSO Chief Executive Shalev Hulio referred questions to spokesman Zamir Dahbash, who said the company “cannot confirm the specific cases” covered in the Citizen Lab and Lookout reports.

Dahbash said NSO sells within export laws to government agencies, which then operate the software.

“The agreements signed with the company’s customers require that the company’s products only be used in a lawful manner,” he added. “Specifically, the products may only be used for the prevention and investigation of crimes.”

Dahbash did not answer follow-up questions, including whether the exposure of the tools use against Mansoor in UAE and a Mexican journalist would end any sales to those countries.

NSO has kept a low profile in the security world, despite its 2014 sale of a majority stake for $120 million to California private equity firm Francisco Partners. That company’s chief executive, Dipanjan Deb, did not return a call on Thursday. In November 2015, Reuters reported that NSO had begun calling itself “Q” and was looking for a buyer for close to $1 billion.

A message from our CEO & publisher Rachel Fishman Feddersen

I hope you appreciated this article. Before you go, I’d like to ask you to please support the Forward’s award-winning, nonprofit journalism during this critical time.

At a time when other newsrooms are closing or cutting back, the Forward has removed its paywall and invested additional resources to report on the ground from Israel and around the U.S. on the impact of the war, rising antisemitism and polarized discourse..

Readers like you make it all possible. Support our work by becoming a Forward Member and connect with our journalism and your community.

—  Rachel Fishman Feddersen, Publisher and CEO

Join our mission to tell the Jewish story fully and fairly.

Republish This Story

Please read before republishing

We’re happy to make this story available to republish for free, unless it originated with JTA, Haaretz or another publication (as indicated on the article) and as long as you follow our guidelines. You must credit the Forward, retain our pixel and preserve our canonical link in Google search.  See our full guidelines for more information, and this guide for detail about canonical URLs.

To republish, copy the HTML by clicking on the yellow button to the right; it includes our tracking pixel, all paragraph styles and hyperlinks, the author byline and credit to the Forward. It does not include images; to avoid copyright violations, you must add them manually, following our guidelines. Please email us at [email protected], subject line “republish,” with any questions or to let us know what stories you’re picking up.

We don't support Internet Explorer

Please use Chrome, Safari, Firefox, or Edge to view this site.