All it takes is one click, and anyone with the right tech savvy can jailbreak and access your iPhone.
Earlier this month, United Arab Emirates (UAE)-based human rights activist Ahmed Mansoor received two seemingly work-related text messages, the first on Aug. 10 and the second on the 11th: if he clicked on some links, Mansoor would have access “new secrets” about detainees tortured in UAE jails. Luckily for him, he didn’t. Instead, he sent the messages to Citizen Lab, a Toronto-based digital rights watchdog, for testing.
Researchers there infected a test phone with the links and found that if Mansoor had clicked on the links, hackers would have been able to control his phone remotely.
Citizen Lab believes Mansoor was likely targeted by the UAE government, because the hack “cost a huge amount of money to purchase and use,” Citizen Lab’s senior researcher John Scott-Railton said in an interview with Quartz—more than anyone but governments and a few equally flush individuals and groups have access to. Citizen Lab titled their report on the hack “The Million Dollar Dissident.” The hack, said Scott-Railton, was “exceptionally rare and exceptionally powerful.”
According to Citizen Lab, here’s what could have happened if Mansoor had fallen prey to the hacking attempt:
Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements.
The researchers took the security loopholes to Apple, on Aug. 12 and the Cupertino giant patched the problems by Aug. 15, said Scott-Railton. However, anyone who has not updated to version 9.3.5 still remains a target.
A “trident” of vulnerabilities in the iPhone allowed hackers to gain complete control of the handset, according to Citizen Lab and mobile security company Lookout. First, a text, tweet, or another type of message “with a benign-looking URL” is the bait used in this phishing scam, Lookout explained in its report. Once the user clicks on one of these links, opens the web browser, and lets the page load, then hackers can exploit the browser or operating system’s vulnerability to silently jailbreak the device. Lastly, they discreetly install persistent malware, gaining access to the device.
“We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5. We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits,” Apple said in a statement. The company did not offer details of how the issue was solved.
“This particular attack shows the power of the kind of political stance people like Mansoor take, and that government will be willing to use the most expensive tools to intercept them,” Scott-Railton told Quartz. He added that this is not the end of powerful attacks on activists, dissidents, journalists, and others—most of whom are deeply under-resourced when it comes to protecting themselves from such sophisticated attacks. “These activists are canaries in the coal mine,” he said.