Researchers at Citizen Lab, a team that investigates surveillance technology, and Lookout Inc. claim that a little-known Israeli startup exploited unknown flaws in iOS to help foreign governments spy on their citizens.
As The Wall Street Journal points out, the surveillance software in question came from NSO Group Technologies Ltd. which is known to sell to governments. Researchers first became aware of the software earlier this month through a link sent to a human-rights activist in the United Arab Emirates.
The software, dubbed Pegasus, reportedly takes advantage of three flaws in iOS. Once installed, it acts as a surveillance device and can log messages, track movement and siphon personal data.
Apple on Thursday said it was made aware of the vulnerabilities and fixed them immediately, issuing an emergency patch (version 9.3.5) which you can download here.
Lookout VP of Security Research Mike Murray told the Journal that this is the most professional piece of spyware he has ever seen, adding that it operates in a way as to not attract suspicion. By that, he means that it doesn’t drain a device’s battery quickly and only transmits larger loads of data when on Wi-Fi.
A spokesperson for NSO told the Journal that they had no knowledge of the case involving the human-rights activist, adding that its mission is to help make the world a safer place by providing authorized governments with technology that helps them combat terror and crime.