Every now and then, a new way to break into iPhones comes up in the media and makes headlines in the tech press all over the world. Just look at the example of GrayKey, the infamous black box that unlocked iOS devices and made the investigation agency party and (possibly) criminal organizations around the planet.
This time, however, the Reuters brought up a much more lethal instrument: an invasion tool developed by former US spies that installed itself on any iPhone through a simple text message and allowed the attacker to access a range of device information such as photos, emails, messages, browsing history, location and even passwords.
The tool was named Karma and created by the species for the government of United Arab Emirates by an unspecified value. According to the report, the country used the method to spy on hundreds of notable public figures from 2016, such as the Emir of Qatar and human rights activist (and Nobel Peace Prize winner) Tawakel Karman.
The team of ex-species and officials from the Emirati government responsible for developing the tool was named “Project Raven”, based in Abu Dhabi. At least five team members provided project information Reuters none of them from the Arab Emirates.
Former Raven Lori Stroud, who had worked at the NSA before joining the project, called the success of the Karma tool a Christmas species:
It was like saying, “We have this great new tool that we bought. Take the huge list of targets that have iPhones now. ”It was like Christmas.
It is not known exactly what breach the species used to create the tool, but it is well known that it lived (or lives) in iMessage and could be activated on any iPhone, even if the user did not use Apple's messaging platform and even without touching it. on any link it was enough for the infected text message to be sent, and the device was already susceptible to spying.
Similarly, it is unclear whether Karma is still used by the Arab Emirates government or whether its operation has already been inhibited by Apple in any software update; It is known, however, that an iOS update applied at the end of 2017 has made the tool “much less effective” although it is not known exactly how much its use has since cooled down.
Even though Karma has already been abandoned, the news of its existence is astonishing: until then, it was believed that only a few world powers (such as the US, China and Russia) had sufficient technical capacity to build a weapon of this type. yes, for such a silent and lethal instrument of invasion can today be considered a weapon. The entry of a small (albeit very rich) country into the game shows that the terrain of digital encroachment is still largely untapped, and threats can emerge from anywhere.
Neither Apple nor the Arab Emirates government wanted to comment on the case, but we will be on the lookout for new information.