A suspicious message that appeared on the iPhone of Ahmed Mansoor promised details about torture in prisons across the United Arab Emirates. All that had to be done was click on the attached text message link.
Mansoor, an activist for human rights, did not click the link. Instead, he posted it on Citizen Lab, a watchdog on Internet, which in turn set off a big chain reaction that over a period of two weeks exposed a secretive cyber-espionage company in Israel, stopped a new type of software that eavesdropped and gave millions of users of iPhone around the world increased digital security.
Mansoor said that knowing Apple made this fix and that he helped to changed things was comforting. He added that he hoped the new developments would save many from being targets.
Hidden inside the link of the text message was a spyware that was designed to take advantage of three undisclosed weaknesses in the mobile operating system of Apple.
A pair of reports released online last week outlined how the spyware programs could compromise an iPhone completely by just clicking on the link. If he had clicked on the link, hackers would have be given free reign of eavesdropping on calls, messages, and could activate the phone’s camera and drain the phone of personal data.
Apple issued its fix for the vulnerabilities last Thursday, just prior to the release of the report, working at a quick pace for which many praised the company.
Many software engineers have expressed worry over the new spyware technology that targeted users of iPhones.
They also are worried about how Mansoor was targeted. The activist has draw ire repeatedly from local authorities in the UAE calling for democratic freedoms and free press.
He is one of the few defenders of human rights in the country with a profile that is international, close links to international media and a full network of sources.
Online, Mansoor has been in the government’s crosshairs repeatedly via electronic eavesdropping operations. Even prior to the first text message turned up on his phone, Mansoor already weathered attacks by two brands of spyware.
The latest spyware was traced back to a secretive firm in Israel called the NSO Group and that this spyware hacking attempt was likely done through the support of the UAE government.