Update your iPhone or iPad: Israeli cyber-spy firm can hack you


WASHINGTON — The much-talked-about hack that would allow governments to spy on your every move through your iPhone and iPad has become reality.

Apple issued a security update for those devices Thursday after researchers discovered spyware that turns hand-held Apple devices into the mother of all snoops, allowing remote operators to intercept all voice and data communications and pass along every photograph and video.

Researchers said that before this month, no spyware had ever been found that could “jailbreak” an iPhone or iPad and seize total control of its functions.

Efforts to use the spyware have surfaced in Mexico and the United Arab Emirates, where critics of the government appear to have been targeted for surveillance.

“There’s pretty much nothing that this spyware couldn’t get off the iPhone,” said Bill Marczak, one of two researchers at the Citizen Lab at the University of Toronto who discovered the spyware. “It’s a total and complete compromise of the phone.”

Thursday’s development is a hit on the reputation of Apple products as largely hack-proof, and it raises questions over whether the spyware is in widespread use by authoritarian governments around the world.

The Israeli company thought to have produced the spyware said in a statement that it insisted that governments that bought its products use them only in lawful ways. Coding in the spyware indicates it has been around since 2013.

The spyware’s existence also calls into question the security of widely used encrypted communications programs such as WhatsApp and Telegram, both of whose contents can be intercepted on a compromised device before they are scrambled, according to a San Francisco cyber forensics company, Lookout, that joined Citizen Lab in the probe.

The story of how the researchers uncovered the spyware and the evidence of its use is worthy of a spy novel itself.

Marczak and a colleague, John Scott-Railton, began tracking the spyware, which they call the Trident exploit, after a human rights defender in the United Arab Emirates alerted researchers to suspicious text messages.

The rights activist, Ahmed Mansoor, received a text message on his iPhone on the morning of Aug. 10. It said in Arabic: “New secrets about torture of Emiratis in state prisons,” and contained a hyperlink to an unknown site. A similar text message arrived the next day.

Mansoor was wary. He’d already been targeted by other attempts. In all cases, the text messages were bait to get him to click on a link, which would have led to the infection of his Apple iPhone 6 and the control of the device through spying software created by NSO Group, a shadowy Israeli surveillance company, Marczak said.

Marczak and his colleague infected a test iPhone of their own and “watched as unknown software was remotely implanted on our phone,” the two said in a report. They then contacted Lookout to help in reverse-engineering the spyware.

They quickly learned that the infection would have turned Mansoor’s iPhone into a pocket undercover spy “capable of employing his iPhone’s camera and microphone to eavesdrop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps and tracking his movements.” Viber is another common communications program.

NSO Group, based in Herzliya, on the northern outskirts of Tel Aviv, was founded in 2010 and describes itself as a leader in “cyber warfare” and a vendor of surveillance software to governments around the world. It maintains no website and keeps a low profile.