U.A.E. Spying Team Had Tool to Pilfer Contents of iOS Devices by Messaging Them reuters.com

Joel Schectman and Christopher Bing, Reuters:

A team of former U.S. government intelligence operatives working for the United Arab Emirates hacked into the iPhones of activists, diplomats and rival foreign leaders with the help of a sophisticated spying tool called Karma, in a campaign that shows how potent cyber-weapons are proliferating beyond the world’s superpowers and into the hands of smaller nations.

[…]

The ex-Raven operatives described Karma as a tool that could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system. The tool has limits — it doesn’t work on Android devices and doesn’t intercept phone calls. But it was unusually potent because, unlike many exploits, Karma did not require a target to click on a link sent to an iPhone, they said.

In 2016 and 2017, Karma was used to obtain photos, emails, text messages and location information from targets’ iPhones. The technique also helped the hackers harvest saved passwords, which could be used for other intrusions.

It isn’t clear whether the Karma hack remains in use. The former operatives said that by the end of 2017, security updates to Apple Inc’s iPhone software had made Karma far less effective.

This story is just one part of a deeper investigation from Schectman and Bing into surveillance activities by the United Arab Emirates on dissidents and activists, which is worth reading. Remarkably, it even cites a named source.

The timing of this exploit’s capabilities coincides with the introduction of iMessage media previews. If I were looking to create a security hole in an iPhone without any user interaction, that’s the first place I’d look. Also, note that this report states that this exploit is now “far less effective”; it does not say that the vulnerabilities have been patched.