NSO Group Spyware Used To ‘Hack’ Al Jazeera Journalists

Israeli surveillance specialist NSO Group is back in the spotlight, after researchers claimed its software was used to hack the Apple iPhones of 36 Al Jazeera journalists.

The firm, which in April this year claimed it was in talks with governments around the world so they could use its tracking software to tackle the Coronavirus pandemic, has made headlines before.

NSO it should be remembered is currently engaged in a legal battle with WhatsApp, after Facebook sued NSO in October 2019 and alleged it was behind the cyberattack in 2019 that infected devices with advanced surveillance hacks (reportedly from NSO) in May 2019.

Al Jazeera hack?

NSO denied the allegation, but Facebook won the first round of its legal battle in early March, after the surveillance software maker failed to show up in a US court.

NSO alleged it had not been served in accordance with international law known as the Hague Convention.

NSO Group is in the business of developing surveillance tools that are intended for use by governments and law enforcement agencies.

Now a report by Citizen Lab at the University of Toronto has alleged that dozens of Al Jazeera journalists were allegedly hacked with the help of NSO spyware, reportedly by exploiting a vulnerability in the iPhone operating system.

“In July and August 2020, government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera,” claimed the Canadian cyber-security researchers. “The personal phone of a journalist at London-based Al Araby TV was also hacked.”

Citizen Lab researchers alleged that two attackers had spied on the phones of Al Jazeera journalists, were doing so on behalf of the Saudi Arabian and UAE governments.

iPhone vulnerability

According to the researchers, the Apple iPhones were compromised using an exploit chain called KISMET, which appears to involve an invisible zero-click exploit in iMessage.

The researchers said that in July, KISMET was a zero-day against at least iOS 13.5.1 and could hack Apple’s then-latest iPhone 11.

“Based on logs from compromised phones, we believe that NSO Group customers also successfully deployed KISMET or a related zero-click, zero-day exploit between October and December 2019,” said the researchers.

“The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, and one operator SNEAKY KESTREL that we attribute to the United Arab Emirates,” the researchers alleged.

It seems that KISMET does not work on iPhones using iOS 14 and above.

Citizen Labs advised all iPhone users to update to the latest iOS, and they warned that “given the global reach of NSO Group’s customer base and the apparent vulnerability of almost all iPhone devices prior to the iOS 14 update, we suspect that the infections that we observed were a miniscule fraction of the total attacks leveraging this exploit.”

It confirmed it had shared its findings with Apple and the iPad maker has confirmed they are looking into the issue.

NSO response

A spokesman for NSO Group disputed the Canadian researchers allegations.

“This memo is based once again on speculation and lacks any evidence supporting a connection to NSO,” a NSO spokesman told the BBC.

He added that the firm provided software to governments, who used it tackle serious organised crime and terrorism, and did not operate the software itself.

NSO Group would continue “to work tirelessly to make the world a safer place”, he reportedly added.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Uber Competitor Bolt Raises Prices 10 Percent In London

Uber competitor Bolt raises prices 10 percent in London amidst driver shortage and regulatory changes…

12 hours ago

US Auto Regulator Discusses ‘Safety Concerns’ With Tesla

US and Canadian regulators looking into possible safety issues with Tesla Model 3 and Model…

12 hours ago

Cryptocurrency Funds Show Gains In Spite Of Selloff

Cryptocurrency-centric funds show strong gains for 2021, as assets such as Bitcoin and Ether rise…

13 hours ago

Google, Facebook Chiefs Signed Off On Secret Deal, Lawsuit Says

Google's Sundar Pichai and Facebook's Mark Zuckerberg signed off on a deal to carve up…

13 hours ago

North Korean Hackers ‘Stole $400m’ In 2021

Study finds North Korea-based hackers stealing more than $200m in cryptocurrency a year, rising to…

14 hours ago

Major Stolen Card Marketplace Shuts Down After Making Millions

Operators of stolen card data marketplace UniCC say they will 'retire' due to age and…

14 hours ago