Thursday’s newly disclosed vulnerabilities in iOS were used to install spyware on an iPhone belonging to an Egyptian politician running for president, according to security researchers.
The findings come from spyware watchdog group Citizen Lab, which worked with Google to report the vulnerabilities to Apple earlier this month. On Thursday, Apple rushed out an emergency patch to protect iPhones, iPads, and Macs from the threat.
Citizen Lab says it discovered the vulnerabilities after the Egyptian presidential candidate Ahmed Eltantawy reached out to the organization over suspicions that his iPhone had been compromised. “Our forensic analysis showed numerous attempts to target Eltantawy with Cytrox’s Predator spyware,” Citizen Lab said in the report.
Cytrox is an Israeli-Hungarian cyber arms dealer that sells to foreign governments. The company’s “Predator” spyware was previously documented infecting devices belonging to two exiled Egyptians, along with other targets, including an employee at Facebook’s parent Meta.
In Eltantawy’s case, the attack leveraged three iOS vulnerabilities to secretly install Cytrox’s Predator spyware. Exploiting the vulnerabilities can allow a hacker to booby-trap a website so that it triggers rogue computer code on an iPhone, elevate their privileges on iOS, and bypass the Apple security check that verifies whether an installed app is legitimate. The result paves the way for a zero-click attack, requiring no user interaction. Hence, Citizen Lab is urging all iPhone users to patch their devices.
But perhaps the most disturbing finding is how Eltantawy’s own cellular provider played a role in installing the spyware on his phone. Vodafone Egypt forwarded his iPhone’s browser to malicious
Read more on pcmag.com