Dozens of Al Jazeera journalists had their iPhones hacked this summer by state-backed attackers who targeted a flaw in iMessages, according to a report published Sunday by The Citizen Lab. The phones were reportedly hacked using advanced spyware from Israeli company NSO Group. The targets could be hacked without having to click on a malicious link from their devices.
Citizen Lab, an academic research lab based at the University of Toronto, said the phones were compromised using an "invisible zero-click exploit in iMessage" that was present in at least iOS 13.5.1. The group said it worked with Al Jazeera and found a total of 36 personal iPhones were hacked, including those belonging to anchors and executives.
The journalists were hacked by four operators using spyware from NSO Group, according to Citizen Lab, which concluded with "medium confidence" that two attackers were working on behalf of the Saudi Arabian and UAE governments. NSO Group is an Israel-based firm that makes hacking tools for government clients, and is part of a larger industry that creates helps government entities access its targets' phones, computers and other devices. The hacking tools are supposed to help law enforcement and counter-terrorism efforts, but critics say the industry as a whole is prone to helping authoritarian governments hack the devices of dissidents and journalists.
NSO Group has been implicated by previous reports and lawsuits in other hacks, including a reported hack of Amazon CEO Jeff Bezos. A Saudi dissident sued the company in 2018 for its alleged role in hacking a device belonging to journalist Jamal Khashoggi, who had been murdered inside the Saudi embassy in Turkey that year. Journalists and activists from Mexico and Qatar have also sued the company for providing tools that hacked their devices. A Citizen Lab report from January said a New York Times journalist writing about a Saudi dissident received a link containing a NSO Group hacking tool on his phone in 2018.
NSO Group pushed back on the most recent Citizen Lab report in a statement on Monday, saying the group made assumptions to support its own agenda.
"This memo is based, once again, on speculation and lacks any evidence supporting a connection to NSO," said an NSO spokesperson in an emailed statement. "NSO provides products that enable governmental law enforcement agencies to tackle serious organized crime and counterterrorism only, and as stated in the past we do not operate them."
The attack reportedly doesn't work against iOS 14, which was released in September and includes new security protections. Apple said it hasn't been able to independently verify Citizen Lab's research, but noted that attacks developed by NSO Group generally aren't targeted at average iPhone customers.
"At Apple, our teams work tirelessly to strengthen the security of our users' data and devices. iOS 14 is a major leap forward in security and delivered new protections against these kinds of attacks," said an Apple spokesperson in an emailed statement. "The attack described in the research was highly targeted by nation-states against specific individuals."