Apple has time and again touted the iPhone as the most secure phone in the world, but Google begs to differ. Google has said that state-sponsored hackers last year used three undiscovered flaws in Apple’s iPhone operating system to target users with spyware created by a European startup. Google’s Threat Analysis Group (TAG), which investigates nation-backed hacking, published a report on Tuesday analysing several government campaigns using hacking tools developed by several spyware and exploit sellers, including a Spain-based startup called Variston.
Google reported that in a particular campaign, hackers working for the government exploited three iPhone vulnerabilities known as “zero-days,” which were not previously known to Apple. The hacking tools used in the attack were developed by Variston, a startup that specialises in surveillance and hacking technology. Google has already analysed Variston’s malware twice, in 2022 and again in 2023. The tech giant said it identified a previously unknown customer of Variston using zero-day exploits to target iPhones in Indonesia in March 2023.
The attackers employed a malicious link via SMS text message to infect the target’s phone with spyware. Afterwards, the victim was redirected to a news article published by the Indonesian newspaper, Pikiran Rakyat. It is unclear who Variston sold its spyware to. Variston, according to Google, works “with several other organisations to develop and deliver spyware.”
Moreover, Google also mentioned in the report that their researchers are tracking approximately 40 companies that sell surveillance software and exploits to government clients across the globe. The report highlighted a few relatively new companies, including Variston, Cy4Gate, RCS Lab and Negg. Previously, Israeli company NSO Group has come in the spotlight for securing deals with several governments for using its Pegasus software by the latter.
Google’s claim also comes months after the incident involving select politicians in India who received an email from Apple stating that there were attempts to hack their iPhones. It gained momentum after the government set up a committee to look into the claims and even enquire about Apple.
In its report, Google stated that it is committed to preventing hacking activities using these companies’ capabilities, which have been linked to targeted monitoring of journalists, dissidents, and politicians.
— Written with inputs from IANSGet latest Tech and Auto news from Techlusive on our WhatsApp Channel, Facebook, X (Twitter), Instagram and YouTube.
Author Name | Shubham Verma