Free Republic

APPLE BOOSTS IPHONE SECURITY AFTER MIDEAST SPYWARE DISCOVERY
AP Paris | August 25, 2016

Posted on 08/25/2016 10:35:00 AM PDT by Swordmaker

PARIS (AP) -- Apple says it is issuing a security update after powerful espionage software was found targeting an activist's iPhone in the Middle East.

Computer forensics experts tell The Associated Press the spyware takes advantage of three previously undisclosed weaknesses in Apple's mobile operating system to take complete control of iPhone handsets.

Two reports published Thursday by the San Francisco-based Lookout and internet watchdog group Citizen Lab outline how the spyware could compromise an iPhone with the tap of a finger, a trick so coveted in the world of cyberespionage that one spyware broker said last year that it had paid a $1 million dollar bounty to programmers who'd found a way to do it.

Apple said in a statement that it fixed the vulnerability immediately after learning about it.

(Excerpt) Read more at hosted.ap.org ...


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: applepinglist; malware
The update is NOW available to close the vulnerability. Download and install it from Settings/General/Software update on your iPhone and iPad. This updates iOS to 9.3.5.

This update is for iPhone 4s and later, iPad 2 and later, and iPod touch (5th generation) and later.

This is apparently a very targeted, commercial exploit from a security firm who sells access to state agencies. It might have been the one that Apple was outbid on in the white hat security conference last month by a private concern who paid $1 million for a vulnerability because they wanted to monetize it.

More info from the New York Times:

Apple Software Vulnerability Is Linked to Intrusions
By NICOLE PERLROTH —AUG. 25, 2016

SAN FRANCISCO — One of the world’s most evasive digital arms dealers is believed to have been taking advantage of three security vulnerabilities in popular Apple products in its efforts to spy on dissidents and journalists.

Investigators discovered that a company called the NSO Group, an Israeli outfit that sells software that invisibly tracks a target’s mobile phone, was responsible for the intrusions. The NSO Group’s software can read text messages and emails and track calls and contacts. It can even record sounds, collect passwords and trace the whereabouts of the phone user.

In response, Apple on Thursday released a patched version of its mobile software, iOS 9.3.5. Users can get the patch through a normal software update.

Apple fixed the holes 10 days after a tip from two researchers, Bill Marczak and John Scott-Railton, at Citizen Lab at the University of Toronto’s Munk School of Global Affairs, and Lookout, a San Francisco mobile security company.

“We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits,” said Fred Sainz, a company spokesman.

In interviews and manuals, the NSO Group’s executives have long boasted that their spyware worked like a “ghost,” tracking the moves and keystrokes of its targets, without leaving a trace. But until this month, it was not clear how exactly the group was monitoring its targets, or who exactly it was monitoring.

A clearer picture began to emerge on Aug. 10, when Ahmed Mansoor, a prominent human rights activist in the United Arab Emirates, who has been tracked by surveillance software several times, began receiving suspicious text messages. The messages purported to contain information about the torture of U.A.E. citizens.

Correction: August 25, 2016
An earlier version of this article described incorrectly the day when Apple released a patched version of its mobile software, iOS 9.3.5. It was Thursday, not Wednesday.


1 posted on 08/25/2016 10:35:01 AM PDT by Swordmaker

To: Swordmaker

You are on a political website and have been for some time and yet you never post anything political. Always pumping up Apple. Now do you come here for political news and info, or do you even have a candidate who you support?


2 posted on 08/25/2016 10:37:56 AM PDT by manc ( If they want so called marriage equality then they should support polygamy too.)

To: Swordmaker

Thanks :)
I had to check twice for the update before my phone would load it.


3 posted on 08/25/2016 10:39:46 AM PDT by Lera ( 1 Corinthians 15:1-4)

To: dayglored; ThunderSleeps; ~Kim4VRWC's~; 1234; 5thGenTexan; Abundy; Action-America; acoulterfan; ...
Apple has quickly closed an iOS vulnerability that has apparently been used by a commercial security firm to sell an exploit to a state level agency to invade an activist's iPhone in the Middle East. iOS update to 9.3.5 is now available on Settings/General/Software Update to close the vulnerability that was used to gain access to the activist's iPhone. This update is for iPhone 4s and later, iPad 2 and later, and iPod touch (5th generation) and later. At last month's White Hat hackers' conference, Apple was outbid for a vulnerability that was discovered by an unknown private bidder who paid $1 million for just such a vulnerability in iOS 9. . . It is likely this commercial company who provided this exploit is the winning bidder. If so, I certainly hope they charged the state level agency enough to get their money back, since Apple has closed that vulnerability so quickly! — PING!


Apple iOS Security Update
Ping!

The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.

If you want on or off the Mac Ping List, Freepmail me

4 posted on 08/25/2016 10:45:05 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)

To: manc

Free Republic is politics only?? Who knew, guess we have to stop posting about hurricanes and tornados and riots and shooting and football...........
BTW I saw a post about Windows earlier, did you jump on him too??

Get real, I for one appreciate Swordmaker keeping me informed about these things and that's why I’m on the ping list!


5 posted on 08/25/2016 10:48:28 AM PDT by Airwinger ( A Militia Of One (Semper Fi))

To: manc

Bullcrap. I’ve seen his numerous posts on the FBI vs Apple litigation. This story is political as hell. AND in any case, you aren’t the hall monitor so STFU.
Sukhoi posts a million airplane stories. Some Catholics post Catholic theology things throughout the day. Some people post a lot of stories about Astronomy and physics.
We get stories about music, old movies and art.

Two stories down is a woman winning 10 million on penny slots. Two stories past that is a warning to avoid a Kindle app in Windows 10 or it’ll brick your machine.

So Apple products is his thing, buzz off. All politics and nothing else makes manc a dull boy.


6 posted on 08/25/2016 10:48:35 AM PDT by DesertRhino (Dogs are man's best friend, and moslems hate dogs. Add that up....)

To: manc
You are on a political website and have been for some time and yet you never post anything political. Always pumping up Apple. Now do you come here for political news and info, or do you even have a candidate who you support?

I have posted lots of political things. You just don't see them because you don't pay attention. I also maintain several PING lists, one of which happens to be the Apple/Mac/iOS/iPhone Ping list which has over 750 active Freepers who have asked me to keep them posted on news associated with those subjects. THEY outnumber YOU.

That being said, how does an article about a VULNERABILITY in iOS "pump" Apple? I bet you didn't even bother to read the article, did you? You just jumped in and knee-jerked reacted with an Apple hate reaction, didn't you?

7 posted on 08/25/2016 10:48:58 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)

To: manc

A clearer picture began to emerge on Aug. 10, when Ahmed Mansoor, a prominent human rights activist in the United Arab Emirates, who has been tracked by surveillance software several times, began receiving suspicious text messages. The messages purported to contain information about the torture of U.A.E. citizens.
- - - - -
But this is not political? Man Child, we were really fooled! Honest! ;-)


8 posted on 08/25/2016 10:51:41 AM PDT by SubMareener (Save us from Quarterly Freepathons! Become a MONTHLY DONOR!e)

To: Swordmaker

“That being said, how does an article about a VULNERABILITY in iOS “pump” Apple?”

Elegant response....lol. BTW, I appreciate your very detailed answers to Apple questions. I have an S7 for one use, and an iPhone 6s+ for another. Haven’t fully gone Apple yet, but am going to for an upcoming laptop replacement. Learning some interesting things from your posts.


9 posted on 08/25/2016 10:54:13 AM PDT by DesertRhino (Dogs are man's best friend, and moslems hate dogs. Add that up....)

To: Swordmaker

“.... in its efforts to spy on dissidents and journalists.”

This is becoming a norm. It should be a stop the press despotic government red flashing light. Domestic spying on someone who philosophically disagrees, or a journalist who might expose truth.

This is sick Stasi crap.


10 posted on 08/25/2016 10:57:16 AM PDT by DesertRhino (Dogs are man's best friend, and moslems hate dogs. Add that up....)

To: Swordmaker

Then I must go through your past posts more then, because I have never seen you post where you stand politically.


11 posted on 08/25/2016 11:00:48 AM PDT by manc ( If they want so called marriage equality then they should support polygamy too.)

More information on the exploit and who and how:

The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender

August 24, 2016 Categories: Bill Marczak, John Scott-Railton, Reports and Briefings

Authors: Bill Marczak and John Scott-Railton,  Senior Researchers at the Citizen Lab, with the assistance of the research team at Lookout Security.

Media coverage: The New York Times, Motherboard

This report describes how a government targeted an internationally recognized human rights defender, Ahmed Mansoor, with the Trident, a chain of zero-day exploits designed to infect his iPhone with sophisticated commercial spyware.

1. Executive Summary

Ahmed Mansoor is an internationally recognized human rights defender, based in the United Arab Emirates (UAE), and recipient of the Martin Ennals Award (sometimes referred to as a “Nobel Prize for human rights”).  On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising “new secrets” about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers.  We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based “cyber war” company that sells Pegasus, a government-exclusive “lawful intercept” spyware product.  NSO Group is reportedly owned by an American venture capital firm, Francisco Partners Management.

The ensuing investigation, a collaboration between researchers from Citizen Lab and from Lookout Security, determined that the links led to a chain of zero-day exploits (“zero-days”) that would have remotely jailbroken Mansoor’s stock iPhone 6 and installed sophisticated spyware.  We are calling this exploit chain Trident.  Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements.  

We are not aware of any previous instance of an iPhone remote jailbreak used in the wild as part of a targeted attack campaign, making this a rare find.

Excerpt, Read more at the source: Citizen Lab.Org


12 posted on 08/25/2016 11:01:31 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)

To: DesertRhino

Tell you what, before you chime in again then get a grip and don’t tell me to STFU.


13 posted on 08/25/2016 11:01:57 AM PDT by manc ( If they want so called marriage equality then they should support polygamy too.)

To: manc

STFU...how's that? You sure have an “in charge of the site” complex today.


14 posted on 08/25/2016 11:40:40 AM PDT by DesertRhino (Dogs are man's best friend, and moslems hate dogs. Add that up....)

To: manc

There is no requirement for ‘Swordmaker’ nor anyone else to post where they stand politically. I’ve been here since Bob Dole was running for President and never heard of such a requirement, anyway.


15 posted on 08/25/2016 11:57:07 AM PDT by donozark (My thoughts are not very deep. But they are of an inquisitive nature.)

To: DesertRhino

Speaks you who piped up and butted in and then states STFU, do one and get off your high horse.


16 posted on 08/25/2016 12:25:54 PM PDT by manc ( If they want so called marriage equality then they should support polygamy too.)

To: donozark

No, there is not, but when you see a poster always posting about Apple then it begs the question does he work for Apple and wants to promote it.


17 posted on 08/25/2016 12:27:01 PM PDT by manc ( If they want so called marriage equality then they should support polygamy too.)

To: Swordmaker

Thanks for the heads up. Done.


18 posted on 08/25/2016 2:01:27 PM PDT by aMorePerfectUnion

To: manc
but when you see a poster always posting about Apple then it begs the question does he work for Apple and wants to promote it.

Get a grip. There is no reason an Apple employee could not sign up here and provide a free notification.

Swordmaker provides a *volunteer* free notification service. Perfectly fine here.

Why aren't you posting political stuff, instead of posting on an apple thread? Hmmmmmm?

19 posted on 08/25/2016 2:04:39 PM PDT by aMorePerfectUnion

To: manc; donozark
No there is not, but when you see a poster always posting about Apple then it begs the question does he work for Apple and wants to promote it.

You've had that question answered multiple times on multiple threads, yet you keep trolling Apple themed threads to keep raising it over and over again. You are the one with the agenda.

20 posted on 08/25/2016 2:10:31 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)