"Dozens of Al Jazeera journalists allegedly hacked using Israeli firm's spyware", 20 Dec 2020

Spyware sold by an Israeli private intelligence firm was allegedly used to hack the phones of dozens of Al Jazeera journalists in an unprecedented cyber-attack that is likely to have been ordered by Saudi Arabia and the United Arab Emirates, according to leading researchers.

In a stunning new report, researchers at Citizen Lab at the University of Toronto said they discovered what appears to be a major espionage campaign against one of the world’s leading media organisations, which is based in Qatar and has long been a thorn in the side of many of the region’s autocratic regimes.

... Researchers at Citizen Lab said the apparent malicious code they discovered, which they claim is used by clients of Israel’s NSO Group, made “almost all” iPhone devices vulnerable if users were using an operating system that pre-dated Apple’s iOS 14 system, which appears to have fixed the vulnerability.

... “As we have repeatedly stated we do not have access to any information with respect to the identities of individuals our system is used to conduct surveillance on. However, where we receive credible evidence of misuse, combined with the basic identifiers of the alleged targets and timeframes, we take all necessary steps in accordance with our product misuse investigation procedure to review the allegations,” a spokesperson for NSO Group said.

... In a statement, Apple said the attack described in Citizen Lab’s research was “highly targeted by nation states” against specific individuals. It said: “We always urge customers to download the latest version of the software to protect themselves and their data.” It also said it could not independently verify Citizen Lab’s analysis.