Apple releases security patch after iPhone zero day exploit used on UAE political dissident
Ahmed Mansoor is an internationally recognized human rights defender, based in the United Arab Emirates (UAE), and recipient of the Martin Ennals Award (sometimes referred to as a iNobel Prize for human rightsi). On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising inew secretsi about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based icyber wari company that sells Pegasus, a government-exclusive ilawful intercepti spyware product. NSO Group is reportedly owned by an American venture capital firm, Francisco Partners Management.The ensuing investigation, a collaboration between researchers from Citizen Lab and from Lookout Security, determined that the links led to a chain of zero-day exploits (izero-daysi) that would have remotely jailbroken Mansooris stock iPhone 6 and installed sophisticated spyware. We are calling this exploit chain Trident. Once infected, Mansooris phone would have become a digital spy in his pocket, capable of employing his iPhoneis camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements.