{"id":243023,"date":"2016-08-26T06:38:35","date_gmt":"2016-08-26T06:38:35","guid":{"rendered":"http:\/\/citifmonline.com\/?p=243023"},"modified":"2016-08-26T06:38:35","modified_gmt":"2016-08-26T06:38:35","slug":"apple-tackles-iphone-one-tap-spyware-flaws","status":"publish","type":"post","link":"https:\/\/citifmonline.com\/?p=243023","title":{"rendered":"Apple tackles iPhone one-tap spyware flaws"},"content":{"rendered":"<p class=\"story-body__introduction\">Flaws in Apple&#8217;s iOS operating system have been discovered that made it possible to install spyware on a target&#8217;s device merely by getting them to click on a link.<\/p>\n<p>The discovery was made after a human rights lawyer alerted security researchers to unsolicited text messages he had received.<\/p>\n<p>They discovered three previously unknown flaws within Apple&#8217;s code.<\/p>\n<p>Apple has since released a software update that addresses the problem.<\/p>\n<p>The two security firms involved, Citizen Lab and Lookout, said they had held back details of the discovery until the fix had been issued.<\/p>\n<p>The lawyer, Ahmed Mansoor, received the text messages on 10 and 11 August.<\/p>\n<p>The texts promised to reveal &#8220;secrets&#8221; about people allegedly being tortured in the United Arab Emirates (UAE)&#8217;s jails if he tapped the links.<\/p>\n<p>Had he done so, Citizen Lab says, his iPhone 6 would have been &#8220;jailbroken&#8221;, meaning unauthorised software could have been installed.<\/p>\n<p>&#8220;Once infected, Mansoor&#8217;s phone would have become a digital spy in his pocket, capable of employing his iPhone&#8217;s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements,&#8221; said Citizen Lab.<\/p>\n<p>&#8220;We are not aware of any previous instance of an iPhone remote jailbreak used in the wild as part of a targeted attack campaign, making this a rare find.&#8221;<\/p>\n<p>The researchers say they believe the spyware involved was created by NSO Group, an Israeli &#8220;cyber-war&#8221; company.<\/p>\n<p>&#8220;[It is] the most sophisticated spyware package we&#8217;ve seen,&#8221; said Lookout.<\/p>\n<p>&#8220;It takes advantage of how integrated mobile devices are in our lives and the combination of features only available on mobile &#8211; always connected (wi-fi, 3G\/4G), voice communications, camera, email, messaging, GPS, passwords, and contact lists.&#8221;<\/p>\n<p>NSO has issued a statement acknowledging that it makes technology used to &#8220;combat terror and crime&#8221; but said it had no knowledge of any particular incidents and made no reference to the specific spyware involved.<\/p>\n<p>&#8220;These are rather rare zero-day flaws,&#8221; commented security expert Prof Alan Woodward, referring to the technical name for previously unknown vulnerabilities.<\/p>\n<p>&#8220;To have several found at once is even rarer. As can be seen from how these have been exploited to date, it represents a serious threat to the security and privacy of iOS users.<\/p>\n<p>&#8220;Apple has been remarkably responsive in providing fixes for these issues, so I would encourage any iOS users to update to the latest version of the operating system.&#8221;<\/p>\n<p>&#8211;<\/p>\n<p>Source: BBC<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Flaws in Apple&#8217;s iOS operating system have been discovered that made it possible to install spyware on a target&#8217;s device merely by getting them to click on a link. The discovery was made after a human rights lawyer alerted security researchers to unsolicited text messages he had received. They discovered three previously unknown flaws within [&hellip;]<\/p>\n","protected":false},"author":14,"featured_media":64228,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jnews-multi-image_gallery":[],"jnews_single_post":[],"jnews_primary_category":[],"jnews_social_meta":[],"jnews_override_counter":[],"footnotes":""},"categories":[106],"tags":[],"class_list":["post-243023","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/posts\/243023","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=243023"}],"version-history":[{"count":0,"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/posts\/243023\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=\/wp\/v2\/media\/64228"}],"wp:attachment":[{"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=243023"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=243023"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/citifmonline.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=243023"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}