At least 36 journalists, producers, executive directors and TV presenters of the international broadcaster Al Jazeera, as well as journalists from the London television channel Al Araby TV, were victims of hackers who hacked their iPhone through a zero-day vulnerability in the iMessage iOS application.
According to experts from the human rights organization Citizen Lab, the zero-day vulnerability is part of a bundle of vulnerabilities called Kismet, exploited by the Pegasus spyware from the renowned tracking technology manufacturer NSO Group. According to them, the Israeli company NSO Group sold the Pegasus hacking tool to at least four customers who used it in July-August 2020 to hack the personal smartphones of Al Jazeera employees around the world.
Citizen Lab experts managed to identify two of the four buyers – in Saudi Arabia and the UAE, and connect the hacks with the Monarchy and Sneaky Kestrel groups. Subsequent investigations showed that the attacks had continued since at least October 2019.
At the time the vulnerability was discovered, Kismet was running on the latest iPhones (that is, the iPhone 11 running iOS 13.5.1) and stopped working in the fall of 2020 with the release of iOS 14. Experts notified Apple of the attacks, and the company began its own investigation.
According to the NSO Group’s statement to The Guardian, the company is not aware of the charges against it. “As we have stated many times, we do not have access to any information about the identity of the people being monitored through our system. However, if we obtain credible evidence of misuse in conjunction with the key identifiers of the intended purpose and timing, we will take all necessary steps in accordance with our procedure for investigating misuse of the product, ”said a spokesman for NSO Group.