Zero-click iOS zero-day found deployed against Al Jazeera employees

At least 36 Al Jazeera journalists, producers, anchors, and executives, along with a journalist at London-based Al Araby TV, had their iPhones hacked using a no-user-interaction zero-day vulnerability in the iOS iMessage app, an academic research group said today.

Citizen Lab, a cybersecurity and human rights abuse research group at the University of Toronto, said the zero-day was part of an exploit chain named Kismet that was created and sold by NSO Group, a well-known vendor of spyware and surveillance products.

Researchers claim NSO sold the Kismet hacking tool to at least four entities, who used it in July and August 2020 to hack the personal iPhones of 36 Al Jazeera reports from all over the globe.

Read more…
Source: ZDNet