Apple has rushed out a software update after an attempt was made to break into a man’s iPhone using a spyware link that could have spied on his calls and messages.
A text message sent to Emirati activist Ahmed Mansoor’s phone on 10 August promised to reveal details about alleged torture in prisons in the United Arab Emirates.
Had Mr Mansoor clicked on a link, experts say hackers would have been able to eavesdrop on him, steal data and activate the camera.
Instead, he reported the text to internet watchdog group Citizen Lab and phone security firm Lookout, exposing an undiscovered vulnerability in the phone’s iOS operating system.
“Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements,” Citizen Lab said.
It was “the most sophisticated spyware package we have seen in the market”, said Mike Murray, a researcher from Lookout.
Citizen Lab said the spyware was likely produced by an Israeli company, NSO Group, which makes software for governments that can secretly target mobile phones.
In a statement, NSO did not comment on whether it had developed the software but said its mission was to provide “authorised governments with technology that helps them combat terror and crime”, and had no knowledge of any particular incidents.
Researchers said Apple had been informed last week, enabling it to quickly develop a fix.
Mr Mansoor, a human rights activist, said he hoped the discovery “could save hundreds of people from being targets”.
Before this latest attempt, he had already been targeted using commercial spyware twice before.