Communications of the ACM
iPhones Vulnerable to Hacking Tools for Months, Researchers Say
For almost a year, spyware sold by Israels NSO Group allegedly wasarmed with a zero-footprint, zero-click, zero-day exploit that used a vulnerability in iMessage to seize control of an iPhone at the push of a button.
Credit: Postmodern Studio/Alamy Stock Photo
Researchers at Canada's University of Toronto (U of T) said spyware sold by Israel's NSO Group incorporated a zero-click zero-day exploit that could commandeer iPhones via a flaw in iMessage.
They said the "Kismet" tool would leave no visible sign of implantation, could be installed by sending a message that victims did not have to click on, and worked even on phones running the latest iOS version.
The researchers reported 37 known examples of Kismet being used by NSO Group clients against journalists covering news in and around the Middle East, yet "we suspect that the infections were a minuscule fraction of the total attacks used with this exploit."
The U of T team said logs from compromised phones suggested Kismet, or a similar exploit, has been in use for more than a year.
From The Guardian (U.K.)
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found