May 26, 2022

Researchers say they Evidence has emerged that the Jordanian journalist and human rights activist’s iPhone was hacked with Pegasus spyware after Apple sued spyware maker NSO Group to stop targeting Apple customers.

According to an analysis of his phone by Front Line Defenders and Citizen Lab provided by gaming-updates prior to publication, award-winning journalist Suheir Jaradat’s phone was still hacked on December 5, 2021 with infamous spyware. Jaradt received a WhatsApp message from a popular anti-government critic with links to Pegasus spyware that put his phone in danger. According to forensic evidence, the Zardat iPhone has been hacked several times in recent months and even as far back as February 2021.

Apple filed a lawsuit against Israeli spyware maker NSO Group in November 2021, ordering NSO to ban NSO from using Apple products and services to develop and deploy hack attacks against its customers.

If banned, the NSO would have a harder time deploying its spyware, as its most subtle capabilities depend on abusing Apple’s own services, such as iMessage, to distribute malware to Apple user accounts. But so far, the case has gotten off to a slow start after the first judge appointed to hear the case withdrew, and there was no possible decision on the matter until June.

NSO’s Pegasus spyware gives its government clients almost complete access to the target’s hardware, including personal information, photos, messages, and precise location. Many victims have received text messages containing malicious links, but recently Pegasus was able to stealthily hack an iPhone without any user interaction or through so-called “zero click” attacks.

Last year, Apple beefed up iPhone security with the introduction of BlastDoor, a new but underrated security feature designed to filter out malicious payloads sent via iMessage that could compromise the device. But the NSO has discovered the possibility of bypassing the security measures with a new exploit, which the researchers named ForcedEntry for its ability to break the security system of the blast door. Apple patched BlastDoor in September after it was discovered that the NSO exploit was affecting iPads, Macs and Apple Watches, not just iPhones.

Apple declined to comment on the entry when it became aware of the new report ahead of publication.

According to data released Tuesday by Front Line Defenders and Citizen Lab, Jardat is one of a number of Jordanians, including human rights activists, lawyers and fellow journalists, whose phones have been compromised by Jordanian government agencies.

Other targets included human rights lawyer Malik Abu Orabi, who defended the teachers’ union that in 2019 led to the longest public sector strike in the country’s history. Abu Orabi’s phone was already attacked from August 2019 to June 2021. The phone of human rights activist and anti-corruption campaigner Ahmed al-Nimat was also attacked by the ForcedEntry exploit in February 2021. The hijacking of al-Nimat’s phone is believed to be the first suspicious use of ForcedEntry, the researchers said.

According to investigators, the phone of another Jordanian journalist and human rights activist was attacked, but they asked not to disclose his identity.

Apple has become the latest tech giant to file a lawsuit against the NSO for hacking its customers’ phones. The NSO is currently in a legal battle with Facebook over the use of an unknown vulnerability in WhatsApp to hack about 1,400 phones belonging to civil society members. Last year, a US appeals court rejected the NSO’s claim that it was entitled to protection against a foreign sovereign in Israel in this case.

The NSO, which did not respond to a request for comment, has long said it only sells its spyware to law enforcement and intelligence agencies. A spokesman for the Jordanian Embassy in Washington DC responded to our requests for comment.

Leave a Reply

Your email address will not be published.