- Government hackers exploited three unknown vulnerabilities in Apple’s iPhone operating system using spyware developed by a European startup, Variston.
- Google’s Threat Analysis Group uncovered the hacking campaign, which targeted iPhones in Indonesia, with the hackers sending malicious links via SMS containing spyware.
- Variston’s partnerships with organizations like Protect AE in the UAE highlight the global reach of surveillance technology and the threats it poses to privacy and democratic processes.
Last year, Google revealed that hackers working for governments managed to exploit three secret weaknesses in Apple‘s iPhone system. They used spyware created by a European company called Variston.
Google’s team, which investigates state-supported hacking, shared a detailed report this Tuesday. It delved into various government schemes employing hacking tools from different spyware and exploit sellers, including Variston based in Barcelona.
How the Attack Happened?
In one of these schemes, government hackers made use of three ‘zero-day’ issues in iPhones. Zero-days are problems that Apple doesn’t know about at the time they’re exploited.
The tools used for this attack were developed by Variston. Google uncovered this in March 2023 when they found a Variston customer using these zero-days to target iPhones in Indonesia.
The hackers sent a text message with a harmful link, infecting the recipient’s phone with spyware. The victim was then redirected to a news article by an Indonesian newspaper called Pikiran Rakyat. However, Google didn’t reveal who Variston’s government client was in this instance.
Apple’s Response
When asked about this hacking campaign, an Apple spokesperson declined to comment. It’s unclear whether Apple was aware of this incident discovered by Google. Apple is known for its strong stance towards cybersecurity by constantly providing security updates to its users.
Trouble at Variston
Despite gaining attention from Google, Variston faced internal issues. Over the past year, the company lost several employees, according to former staff who spoke anonymously due to non-disclosure agreements.
Variston’s Numerous Partnerships
Variston has collaborated with various organizations to develop and distribute spyware. Google identified one of these collaborators as Protect AE, a company based in the United Arab Emirates.
Protect AE combines the spyware it creates with the Heliconia framework and infrastructure. They then offer this package for sale, either to a local broker or directly to a government client.
The Rise of European Spyware Makers
While Israeli companies like NSO Group have garnered significant attention, Google’s report indicates a growing presence of European spyware makers. Companies like Variston, Cy4Gate, RCS Lab, and Negg are expanding their reach and capabilities in the market. Many governments are seeking to use spyware to gather more information about their enemies.
Google’s Commitment to Prevent Hacking Campaigns
Google emphasized its commitment to disrupting hacking campaigns conducted with tools from these companies. They’ve been linked to targeted surveillance of journalists, dissidents, and politicians, posing a threat to freedom of speech, a free press, and the integrity of elections worldwide.
The proliferation of spyware poses a serious threat to individuals’ privacy and fundamental rights. While these attacks may target a small number of users, their impact extends far beyond, affecting freedom of speech and democratic processes. Tech companies, governments, and civil society must work together to address these threats and protect the rights of individuals online.
