Apple issues update after security flaws laid bare
The company released its latest iOS version, 9.3.5, on Thursday, which the New York Times said was meant to fix three security vulnerabilities in Apple products.
Those vulnerabilities had been targeted by the NSO Group, an Israeli spyware company, which has created a product that can rifle through a phone to read texts, track calls and record sounds, among other capabilities, the New York Times reported.
Apple told various US media outlets that it fixed the vulnerabilities as soon it learned about them.
The spyware was detected when used against Ahmed Mansoor, a human rights activist in the United Arab Emirates, who has been repeatedly targeted using spyware.
After receiving a suspicious text with a link, he reported the matter to the University of Toronto’s Citizen Lab which worked in conjunction with San Francisco-based mobile security firm Lookout to research the affair, USA Today reported.
“The attack allows an adversary to silently jailbreak an iOS device and stealthily spy on victims, collecting information from apps including Gmail, Facebook, Skype, WhatsApp, Calendar, FaceTime, Line, Mail.Ru, and others,” Lookout said in a blog post.
John Scott-Railton, one of the authors of a report issued by Citizen Lab, said researchers had traced the link on Mansoor’s phone to NSO Group, USA Today reported.
However it was not known which country or entity had used the spyware to target him.
“This discovery is further proof that mobile platforms are fertile ground for gathering sensitive information from target victims, and well-resourced threat actors are regularly exploiting that mobile environment,” Lookout said in its blog post.
Apple users are being advised to install the latest update.