Dozens Of Al-Jazeera Journalists' IPhones Become Spyware Victims
JAKARTA - Spyware attacks have hit again, this time the victims are dozens of journalists from the Al-Jazeera news agency. Dozens of journalists 'smartphones have been infiltrated with spyware that can record and intercept users' activities.
Launching from Techcrunch, Tuesday, December 22, the incident was reported by cybersecurity supervisor Citizen Lab at the University of Toronto some time ago. At least 36 journalists, producers and executives from the Al-Jazeera news agency were targeted by the spyware.
The hack took place via 'zero click' spyware, which exploited a security hole in Apple iMessage to enter the reporter's iPhone. It is called zero click because this spyware can infiltrate the victim's device, even if the victim does not click any links.
Citizen lab said, this spyware was made by NSO from Israel. So far there are four consumers who are strongly suspected of using devices made by NSO, including the governments of Saudi Arabia and the United Arab Emirates (UES).
Al-Jazeera itself is a state-owned media company in Qatar. According to information circulating, the two countries have recently been involved in a geopolitical dispute with Qatar.
"This is not only very scary, but also a feat of hacking a phone. You can use your phone normally, completely unaware that other people are looking at everything you do," said Citizen Lab senior researcher Bill Marczak.
The use of spyware also strengthens indications that Arab governments are monitoring the movements and activities of journalists. Given this NSO-made spyware first appeared after the murder of a Washington Post journalist, Jamal Khasoggi.
How Does Spyware Work?From a number of Citizen Lab findings, this Pegasus type of spyware can infect smartphones or digital devices through security holes in third-party applications. Even this spyware can record, and use the microphone and phone calls of its users secretly.
This includes copying photos taken from cellphone cameras and accessing passwords stored on smartphones. For the case of cell phone tapping belonging to Al-Jazeera journalists, Citizen Lab found that spyware exploited a security flaw in the iMessage application on the iPhone.
The spyware infected cell phone will be connected to a server known as the control center of Pegasus. Where Citizen Lab tracks, if the hacked data has been recorded in the period July to August.
Apple and NSO argueSo far, Apple has not confirmed the findings of Citizen Lab. Given that Apple is committed to maintaining the security and privacy of iPhone users through the latest iOS 14 operating system.
Even so, Apple promised to examine the possibility of security holes infiltrated by spyware to tap journalists' iPhones. IOS 14 software updates and security patches will be released regularly by Apple.
"At Apple, our team is working non-stop to strengthen the security of data and user devices. IOS 14 has a major increase in security and has new protections for this kind of attack," said an Apple spokesman, as quoted by The Guardian.
On the other hand, the NSO Group has denied the accusation by Citizen Lab that the software they developed was used for spying purposes. NSO believes the use of the software it has developed has a serious aim in tackling organized crime.
"(We) are unable to comment on reports that we have not reviewed. When we receive credible evidence of abuse. We are taking all necessary steps in accordance with our product abuse investigation procedures to review these allegations," said NSO.