Date: 2021-08-24

A Bahraini human rights activist’s iPhone was quietly hacked earlier this year by powerful spyware sold to nation states, defeating the new security protections Apple created to counter covert compromises, say researchers at Citizen Lab.

The activist, who remains in Bahrain and asked not to be named, is a member of the Bahrain Center for Human Rights, an award-winning non-profit organization that promotes human rights in the Gulf state. The group continues to operate despite a ban imposed by the kingdom in 2004 after the arrest of its director for criticizing the then prime minister of the country.

Citizen Lab, the internet watchdog based at the University of Toronto, analyzed the activist’s iPhone 12 Pro and found evidence that it had been hacked starting in February using a so-called “zero-click” attack, so named because it requires no user interaction to infect the victim’s device. The zero-click attack took advantage of a previously unknown security vulnerability in Apple’s iMessage, which was used to push the Pegasus spyware, developed by the Israeli firm NSO Group, onto the activist’s phone.

The hack is significant, not least because Citizen Lab researchers said they found evidence that the zero-click attack successfully exploited the latest iPhone software at the time, both iOS 14.4 and later iOS 14.6, which Apple released in May. But the hack also bypasses a new software security feature built into all versions of iOS 14, called BlastDoor, which is supposed to prevent these types of device hacks by filtering out malicious data sent through iMessage.

Because of its ability to bypass BlastDoor, the researchers called this latest exploit ForcedEntry.

Citizen Lab’s Bill Marczak told TechCrunch that the researchers made Apple aware of the efforts to target and exploit up-to-date iPhones. When reached by TechCrunch, Apple would not explicitly say if it had found and fixed the vulnerability that NSO is exploiting.

In a statement issued Tuesday, Apple’s head of security engineering and architecture, Ivan Krstic, said: “Apple unequivocally condemns cyber attacks against journalists, human rights activists and others seeking to make the world a better place. Attacks like the ones described are very sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals, which means that they are not a threat to the vast majority of our users. We continue to work tirelessly to protect all of our customers, and we are constantly adding new protections to their equipment and data.”

An Apple spokesman said BlastDoor was not the end of its efforts to secure iMessage and that it has strengthened its protections in iOS 15, which is scheduled to be released in the next month or so.

Citizen Lab said the Bahraini government was likely behind the targeting of the Bahraini human rights activist, as well as eight other Bahraini activists, between June 2020 and February 2021.

Bahrain is one of several authoritarian states known to be government clients of Pegasus, including Saudi Arabia, Rwanda, the United Arab Emirates and Mexico, though NSO has repeatedly refused to name or confirm its dozens of clients, citing non-disclosure agreements.

The phone numbers of five of the targeted Bahrainis were found on the Pegasus Project list of 50,000 phone numbers of possible surveillance targets of the Pegasus spyware, which gives its government clients almost full access to a target’s device, including their personal information, photos, messages and location.

One of the phone numbers listed belongs to another member of the Bahrain Center for Human Rights, who Citizen Lab said was targeted months earlier with a different zero-click exploit, called Kismet, which preceded ForcedEntry. Citizen Lab says Kismet no longer works on iOS 14 and later since BlastDoor was introduced, but still poses a risk to devices running older versions of the iPhone software.

Two other Bahrainis, who now live in exile in London and have agreed to be named, have also had their iPhones hacked.

Moosa Abd-Ali, a photojournalist who was previously targeted by FinFisher spyware sold to the Bahraini government, had his iPhone hacked while he was living in London. Citizen Lab said it had only seen the Bahraini government spy in Bahrain and neighboring Qatar, and said it suspected another foreign government with access to Pegasus may have been responsible for the hack. The latest reporting found that the UAE, a close ally of Bahrain, is the “main government” for choosing UK phone numbers. Abd-Ali’s phone number was also on the list of 50,000 phone numbers.

Bahraini activist Yusuf Al-Jamri also had his iPhone confiscated by the Bahraini government some time before September 2019, although it is not known if Al-Jamri’s iPhone was hacked while he was in Bahrain or London. Al-Jamri was granted asylum in the UK in 2017.

The seven unnamed Bahrainis continue to work in the kingdom despite a long history of human rights violations, online censorship and widespread repression. Reporters Without Borders lists Bahrain’s human rights record as one of the most restrictive in the world, ranked only after Iran, China and North Korea. A 2020 report by the US State Department on human rights in Bahrain cited significant violations and abuses in the country and noted that the government “used computer programs to monitor political activists and members of the opposition at home and abroad.”

When reached, NSO Group did not answer specific questions, nor did it say whether the Bahraini government was a client. In a statement attributed solely to an NSO spokeswoman and sent through its outsourced public relations firm Mercury, NSO said it had not seen the Citizen Lab findings and would “vigorously investigate the allegations and act accordingly with the circumstances based on the findings.”

NSO recently claimed it cut off five government clients’ access to Pegasus over human rights abuses.

Zainab Al-Nasheet, a spokesman for the Bahraini government, told TechCrunch in a statement: “These allegations are based on baseless allegations and wrong conclusions. The Government of Bahrain is committed to protecting the rights and freedoms of individuals.”

Abd-Ali, who said he was arrested and tortured in Bahrain, said he thought he would find security in the UK, but that he still faces not only digital surveillance but also physical attacks, as many victims of spyware experience.

“Instead of protecting me, the British government has remained silent as three of their close allies Israel, Bahrain and the UAE conspired to invade my privacy and that of dozens of other activists,” he said.

