Kenyan Opposition Politician Among High Value Users Targeted by Hackers in Fixed iPhone Security Flaw



An unnamed Kenyan opposition politician was among several high-profile individuals targeted by hackers taking advantage of an identified flaw in iOS, the Apple iPhone’s operating system.

The politician, whom Reuters only identifies as a “minority party politician”, may have been a victim of an attack that exposed a user’s iPhone to a phishing scam. Users received a text message containing a spurious link which, when clicked, loads a web page in the device’s browser that infects the user’s iPhone with targeted spyware. The spyware does this by granting itself elevated privileges, i.e. by jailbreaking the device (the iPhone’s equivalent of rooting on Android or granting administrator permissions in Windows).

According to Lookout Security, which uncovered the threat in conjunction with the University of Toronto’s Citizen Lab, once a device is infected, the user’s calls, call logs, text messages and emails, as well as communication done using other apps like WhatsApp, Viber and WeChat, could be accessed remotely by the hackers who planted the spyware.

The vulnerability is the first of its type ever reported to lead to a user’s iPhone being taken over completely by unauthorized third parties. However, Apple has fixed the flaw since it was first reported to the company by Citizen Lab, which uncovered it after UAE human rights activist Ahmed Mansoor brought it to their attention.

The text messages containing spurious links that were sent to Ahmed Mansoor.

According to the report, the spyware has been attributed to the NSO Group, an Israeli company often contracted by foreign governments or their actors to spy on targets using sophisticated software. In this case, the software has been codenamed Pegasus by researchers. “Citizen Lab also found evidence that state-sponsored actors used NSO’s exploit infrastructure against a Mexican journalist who reported on corruption by Mexico’s head of state, and an unknown target or targets in Kenya. The NSO group used fake domains, impersonating sites such as the International Committee for the Red Cross, the U.K. government’s visa application processing website, and a wide range of news organizations and major technology companies. This nods toward the targeted nature of this software.”

To make sure they don’t fall victim to such attacks in the future, iPhone users are being advised to update their devices to iOS 9.3.5, which includes a fix for the flaw.

It is still anyone’s guess, though, as to who the Kenyan politician cited in the report is.