Researchers revealed on Thursday that two European journalists were hacking their iPhones with Paragon spyware. Apple says it fixed a bug that was used to hack the phone.
Citizen Lab wrote in a report that Apple had told researchers that it had been “mitigated with iOS 18.3.1,” an iPhone software update released on February 10th, in a report it shared with TechCrunch before its publication.
Until this week, the advisory for that security update only mentioned one unrelated flaw, allowing attackers to disable the iPhone security mechanism that makes it difficult for attackers to unlock their phones.
However, on Thursday, Apple updated its February 10 advisory to include details on the new defects. This was also revised at the time, but it was not published.
“There was a logic issue when processing malicious photos or videos shared via iCloud links. Apple is aware of reports that this issue could have been exploited in a very sophisticated attack on a particular targeted individual.”
In the final version of the report, released Thursday, Citizen Lab confirmed that this is a flaw used against Italian journalist Ciro Pellegrino and “prominent” European journalists without a name.
Please contact us. Do you have more information? Or other spyware manufacturers? From unprocessed devices and networks, you can safely contact Lorenzo Franceschi-Bicchierai with a signal of +1 917 257 1382, via Telegram and Keybase @lorenzofb, or by email.
It is unclear why Apple did not disclose the existence of this patched flaw until four months after the release of the iOS update, and an Apple spokesperson did not respond to requests for comment for clarity.
The Paragon Spyware scandal notified about 90 users in January, including journalists and human rights activists, that it called graphite, which Paragon-created Spyware.
Then, at the end of April, several iPhone users received notifications from Apple, warning them that they were targets for mercantilator spyware. The alert did not mention the spyware company behind the hacking campaign.
On Thursday, Citizen Lab released its findings confirming that two journalists have been hacked after receiving Apple notifications hacked on Paragon's Spyware.
It is unclear whether all Apple users who received the notification were targeted with graphite. Apple Alert said, “Today's notifications have been sent to affected users in 100 countries.”