There is evidence that a Jordanian journalist and human rights defender's phone was hacked by the NSO Group, just weeks after Apple sued the company to stop it from targeting its customers.
An analysis of Suhair Jaradat's phone by Front Line Defenders and Citizen Lab was shared with TechCrunch before it was published. A person pretending to be a popular anti-government critic sent a message to Jaradat, compromising her phone. Jaradat's phone was hacked several times in the preceding months and as far back as February 2021.
In November of 2021, Apple filed a lawsuit against NSO Group, seeking a court-issued injunction to ban NSO from using Apple products and services to develop and deploy hacks against its customers.
The injunction would make it more difficult for NSO to deploy its software since it relies on abusing Apple's own services to deliver the software. The case has gotten off to a slow start, with no decision on the case likely to be made before June.
The NSO-built Pegasus spyware gives its government customers near-complete access to a target's device, including their personal data, photos, messages and precise location. Many victims have received text messages with malicious links, but Pegasus has recently been able to silently hack iPhones without any user interaction.
Apple introduced a new security feature last year called BlastDoor, which is designed to prevent malicious messages from being sent to a device. The security measure was circumvented by NSO with a new exploit called ForcedEntry. The NSO exploit was found to affect iPad, Macs, and Apple Watches, and Apple fixed BlastDoor in September.
When contacted about the new report, Apple refused to comment on the record.
According to Front Line Defenders and Citizen Lab, Jaradat is one of several Jordanians who had their phones compromised by agencies of the Jordanian government.
Among the others targeted are a human rights lawyer who defended the teachers union during the longest public sector strike in the country's history. The phone of Abu Orabi was targeted as early as August 2019. The phone of a human rights defender was targeted by the ForcedEntry exploit. The earliest suspected use of ForcedEntry is believed to be the hacking of Al- Neimat's phone.
The phone of a human rights defender in Jordan was targeted, but the person who asked for her identity not to be disclosed was a journalist.
Apple is the latest company to file a lawsuit against NSO. NSO is currently involved in a legal battle with Facebook over the use of a then-unknown vulnerability in WhatsApp to hack into some 1,400 phones belonging to members of civil society. In the case of Israel, the U.S. appeals court rejected NSO's claim that it was entitled to protection.
NSO has always said that it only sells its software to law enforcement and intelligence agencies. A person from the Jordanian Embassy in Washington DC responded to our questions.
Apple patches an NSO zero-day flaw affecting all devices
All Rights Reserved © 2024
