One of the world’s most evasive digital arms dealers is believed to have been taking advantage of three security vulnerabilities in popular Apple products in its efforts to spy on dissidents and journalists, reports The New York Times. (Editor’s note: the link could be paywalled, here’s an alternate source). From the report: Investigators discovered that a company called the NSO Group, an Israeli outfit that sells software that invisibly tracks a target’s mobile phone, was responsible for the intrusions. The NSO Group’s software can read text messages and emails and track calls and contacts. It can even record sounds, collect passwords and trace the whereabouts of the phone user. In response, Apple on Thursday released a patched version of its mobile software, iOS 9.3.5. Users can get the patch through a normal software update.The Washington Post reports that these “zero-day” flaws were previously used by the governments to take over victims’ phones by tricking them into clicking on a link to a text message. Motherboard says that this is the first time anyone has uncovered such an attack in the wild. “Until this month, no one had seen an attempted spyware infection leveraging three unknown bugs, or zero-days, in the iPhone. The tools and technology needed for such an attack, which is essentially a remote jailbreak of the iPhone, can be worth as much as one million dollars.”
Read more of this story at Slashdot.