NEW YORK, NEW YORK, UNITED STATES (REUTERS) – Apple Inc issued a patch on Thursday (August 25) to fix a dangerous security hole in iPhones and iPads after researchers discovered that a prominent United Arab Emirates dissident’s phone had been targeted with a previously unknown method of hacking.
The attack on the dissident, Ahmed Mansoor, used a text message that invited him to click on a web link. Instead of clicking, he forwarded the message to researchers at the University of Toronto’s Citizen Lab.
Experts there worked with security company Lookout and determined that the link would have installed a program taking advantage of a flaw that Apple and others were not aware of. The researchers disclosed their findings on Thursday.
The Citizen Lab team attributed the attack software to a private seller of monitoring systems, NSO Group, an Israeli company that makes software for governments which can secretly target a user’s mobile phone and gather information from it. Such tools, known as remote exploits, cost as much as $1 million.
An attack on a fully patched, current-model iPhone 6 had not been detected before, though they had been considered possible for major governments, which generally have more surveillance resources at their disposal.