Dozens of journalists at Al Jazeera reportedly fell victim to an eavesdropping campaign with a notorious iMessage interaction-less exploit at its core.
Researchers at Toronto-based Citizen Lab have recently unearthed an unprecedented cyber-espionage move targeting 37 journalists at Al Jazeera, a major media organization headquartered in Qatar. This campaign was allegedly set in motion using a zero-click exploit chain dubbed Kismet, which hinges on an undocumented iMessage vulnerability. The stealth attack vector leverages the Pegasus spyware masterminded by the Israeli private intelligence company called NSO Group. Most unnervingly, it has been attributed to government actors in the United Arab Emirates and Saudi Arabia that have a long track record of trying to silence independent reporters.
The commercial hacking tool works quietly enough to slip by an iPhone user’s attention. It is unleashed by simply sending a specially crafted message to a would-be victim’s device – moreover, the recipient doesn’t even have to open it or tap anything on the screen. When up and running, the spyware can track device location, record phone calls, take pictures using the camera, and retrieve credentials stored on the iPhone. Citizen Lab analysts have found no evidence that the latest version of Apple’s mobile operating system (iOS 14) is vulnerable to the Kismet attack. However, all previous versions are at risk of exploitation as long as a competent adversary kicks in.
The recent operation in which dozens of Al Jazeera journalists found themselves in the crosshairs of high-profile snoops wasn’t really a wake-up call. As a matter of fact, NSO Group’s spyware had been seen in a series of earlier campaigns deployed in the UAE and Saudi Arabia. The intelligence firm has responded to the latest reports by stating that their tools are only intended to chase down criminals.
These claims are at odds with occasional scandals involving nation-state actors eager to snoop on unbiased media and critics. In light of the Al Jazeera incident, Apple has reiterated the importance of installing the latest version of iOS that comes with defenses against the Pegasus spyware.