UAE hacked Al Jazeera journalists’ phones using Israeli spyware

Spyware created by an Israeli company was reportedly used by Saudi Arabia and the UAE to hack into the phones and devices of dozens of journalists working for Qatari news outlet Al Jazeera.

The discovery of the widespread hacking was revealed in a report by the University of Toronto’s software developer Citizen Lab, which raised concerns over the vulnerability of Apple’s iPhone and the impact that lack of sufficient security has had on one of the prominent international media organisations.

Citizen Lab, which apparently has some of the world’s best researchers in digital surveillance, claimed that the malware it discovered was used by clients of the Israeli NSO Group and rendered “almost all” iPhone devices without Apple’s latest iOS 14 system vulnerable.

The hacking attack against Al Jazeera‘s journalists was uncovered when its well-known investigative journalist Tamer Almisshal sought Citizen Lab’s help after he grew suspicious that his phone had been hacked. The researchers then monitored his phone and found the spyware, and in the process learned that the Israeli spyware was rapidly adapting to usual ways of being detected.

Unlike previous cases of the NSO Group’s spyware hacking phones through click methods such as sending WhatsApp messages – as Saudi Arabia’s Crown Prince Mohammed bin Salman did to Amazon chief Jeff Bezos last year – this attack on the journalists was conducted using “zero-click” technology.

It means that the victims of the cyberattack on their phones did not need to click on any link or message to allow the spyware to enter, making the advancement “more sophisticated, less detectable.”

The hacking of Almisshal’s phone had been accomplished after it was infected with a malicious code delivered through Apple’s servers, which automatically connected it to an NSO Group server.

Another journalist named Rania Dridi, who works for Al Araby TV, was also hacked six times between October last year and July this year. Speaking to the British newspaper the Guardian, Dridi said: “I don’t know how to explain my feeling. It messes with your mind. Everything, your private life, it’s not private any more.”

She stressed: “It wasn’t [just] for a month, it was for a year, and they have everything: the phone calls, the pictures, videos, they can turn the microphone on…It makes you feel insecure.” Dridl will be taking legal action against the United Arab Emirates, which is reported to have been responsible for the hacking of her phone.

According to Citizen Lab’s report, 36 personal phones belonging to Al Jazeera employees were hacked by four “clusters” or NSO Group operators, most likely on behalf of the Saudi and Emirati governments. One of those operators allegedly spied on 18 phones and another operator on 15 phones, successfully hacking the phones of news anchors, producers and other journalists belonging to the media network which has for years been loathed by autocratic governments in the region along with Israel.

The channel has already been shut down in Saudi Arabia, Bahrain and Egypt following the ongoing Saudi-led blockade against Qatar in 2017.

The NSO Group has sold its technology to various governments and intelligence agencies across the Middle East, enabling countries such as Saudi Arabia, the UAE, and Morocco to use the Israeli spyware to monitor journalists and dissidents even living abroad.

When criticised and held to account for how its technology was used, the NSO Group has repeatedly denied responsibility for how its clients use its product, telling the Guardian: “We do not have access to any information with respect to the identities of individuals our system is used to conduct surveillance on.”

It assured, however, that “where we receive credible evidence of misuse, combined with the basic identifiers of the alleged targets and timeframes, we take all necessary steps in accordance with our product misuse investigation procedure to review the allegations.”

Apple also commented on these latest hacking allegations, saying in a statement: “We always urge customers to download the latest version of the software to protect themselves and their data.”