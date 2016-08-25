By Joseph Menn
SAN FRANCISCO Aug 25 Apple Inc issued
a patch on Thursday to fix a dangerous security hole in iPhones
and iPads after researchers discovered that a prominent United
Arab Emirates dissident's phone had been targeted with a
previously unknown method of hacking.
The attack on the dissident, Ahmed Mansoor, used a text
message that invited him to click on a web link. Instead of
clicking, he forwarded the message to researchers at the
University of Toronto's Citizen Lab.
Experts there worked with security company Lookout and
determined that the link would have installed a program taking
advantage of a flaw that Apple and others were not aware of. The
researchers disclosed their findings on Thursday.
The researchers said that they had alerted Apple, which
developed a fix and distributed it as an automatic update to
iPhone 6 owners.
Apple spokesman Fred Sainz confirmed that the company had
issued the patch after being contacted by researchers about the
issue.
The Citizen Lab team attributed the attack software to a
private seller of monitoring systems, NSO Group, an Israeli
company that makes software for governments which can secretly
target a user's mobile phone and gather information from it.
Such tools, known as remote exploits, cost as much as $1
million.
An attack on a fully patched, current-model iPhone 6 had not
been detected before, though they had been considered possible
for major governments, which generally have more surveillance
resources at their disposal.
