Recently The Guardian reported on the alleged hacking of a cell phone used by the international media group Al Jezerra. Earlier this year the phone was receiving anonymous calls and texts threatening Al Jezerra employees working on the investigative journalism program “The Tip of the Ice Berg”. The messages demanded, among other things, certain stories seen in show teasers not be run, at times even suggesting those working on the show might face the same fate as Jamal Khashoggi.
In an attempt to determine who was behind the threats, The Citizen Lab, based in Toronto Canada, was enlisted to forensically analyze the device and eventually to install a monitoring and tracking platform created by Citizen Lab. The phone was monitored for a number of months with no apparent abnormal behavior noted. Then a few days after the show aired a potentially sensitive story for the United Arab Emirates suspicious activity was detected. Eventually over 30 mobile devices at the company were determined to have been compromised as well.
In its report of the incident, Citizen Lab noted that they believed the attack was carried out using software from the Israeli private security firm NSO. Further, they identified a number of groups believed to be operating the software including a group from Saudi Arabia and another from the UAE. The software was alleged to have been deployed using an exploit that takes advantage of older Apple iOS devices. This exploit would not require any input from the victim’s end; however it seems this exploit has been fixed with new versions of Apple’s operating system.
Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology