Apple issues urgent iPhone iOS upgrade; how to protect your phone

Mansoor was targeted five years ago with FinFisher spyware and again the following year with Hacking Team spyware, according to Citizen Lab research.

Had he fallen for the ruse, the Trident chain of “zero-day exploits” would have broken into his iPhone and installed snooping software.

Thankfully, Mansoor didn’t click the link.

In a statement on Thursday, Citizen Lab – working with Lookout, a security firm – described the attempted hack as bearing the hallmarks of a previous piece of spyware developed by NSO.

Apple Inc issued a patch on Thursday to fix a unsafe security flaw in iPhones and iPads after researchers discovered that a prominent United Arab Emirates dissident’s phone had been targeted with a previously unknown method of hacking. The kit appears to persist even when the device software is updated and can update itself to easily replace exploits if they become obsolete.

Upon discovery, the two organizations immediately notified Apple and the iPhone maker immediately got to work on iOS 9.3.5, which was released on Thursday.

The malware, dubbed Pegasus, is being sold by a secretive Israeli surveillance technology company called NSO Group, which sells its software to foreign governments – ostensibly to fight crimes, but Mansoor’s case shows that malware like Pegasus can quickly target the innocent as well. If you do and your phone is lost or stolen, you can wipe your iPhone clean of any personal information.

Computer forensics experts tell The Associated Press the spyware takes advantage of three previously undisclosed weaknesses in Apple’s mobile operating system to take complete control of iPhone handsets. This makes it extremely challenging for phone makers to test and release updates to plug up risky security holes quickly.

“As security breaches go, this is fairly serious, considering how fast Apple addressed it”, says Andrew Blaich, a staff researcher at Lookout.

Security is an ongoing and never-ending battle between phone makers like Apple and Google and hackers.

Citizen Lab said that United Arab Emirates resident Ahmed Mansoor was the target of the cyberattack.

NSO Group is reportedly owned by an American venture capital firm, Francisco Partners Management, according to Citizen Lab.

While no platform will ever be be truly secure, updating to the latest version of your phone’s software is the best way to remain safe.