打開鏈接即被破解及入侵! iPhone出現嚴重安全漏洞!

Flaws in Apple's iOS operating system have been discovered that made it possible to install spyware on a target's device merely by getting them to click on a link.

日前，在蘋果iOS操作系統中，僅僅通過讓用戶點擊一個鏈接就可以在目標設備上安裝間諜軟件的漏洞已被發現。

The discovery was made after a human rights lawyer alerted security researchers to unsolicited text messages he had received. They discovered three previously unknown flaws within Apple's code.

該漏洞發現的起因是一名人權律師向安全研究人員報告稱，他收到了來路不明的短信。安全研究人員在蘋果的代碼中發現了三個之前沒有查明的漏洞。

Apple has since released a software update that addresses the problem.

自該問題被爆出後，蘋果已經發布了一版軟件更新來解決這個問題。

The two security firms involved, Citizen Lab and Lookout, said they had held back details of the discovery until the fix had been issued.

據發現漏洞的兩家安全公司“公民實驗室”和“瞭望臺”表示，在蘋果發佈修復補丁之前，他們一直保守着發現的細節沒有泄密。

The lawyer, Ahmed Mansoor, received the text messages on 10 and 11 August. The texts promised to reveal "secrets" about people allegedly being tortured in the United Arab Emirates (UAE)'s jails if he tapped the links.

涉事律師阿姆哈德·曼蘇爾分別在8月10日和11日收到了不明短信。這些短信保證說，如果曼蘇爾點擊鏈接，就可以知道關押在阿聯酋監獄中的人被折磨的“祕密”。

Had he done so, Citizen Lab says, his iPhone 6 would have been "jailbroken", meaning unauthorised software could have been installed.

公民實驗室方面表示，如果曼蘇爾這樣做了的話，他的iPhone 6就會被“越獄”，這就意味着未經授權的軟件可以安裝在他的手機中。

"Once infected, Mansoor's phone would have become a digital spy in his pocket, capable of employing his iPhone's camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements," said Citizen Lab.

公民實驗室表示：“一旦感染上病毒，曼蘇爾的手機就會變成一個裝在他口袋裏的電子間諜，可以用iPhone的攝像頭和麥克風來窺探發生在設備周圍的活動，記錄下他的WhatsApp和Viber calls，獲取手機聊天軟件發送的信息，並且跟蹤他的行動。”

The researchers say they believe the spyware involved was created by NSO Group, an Israeli "cyber-war" company.

研究人員們表示，他們認爲本案的間諜軟件是由以色列“網絡戰爭”公司NSO組織開發的。

"It is the most sophisticated spyware package we've seen," said Lookout. "It takes advantage of how integrated mobile devices are in our lives and the combination of features only available on mobile - always connected (wi-fi, 3G/4G), voice communications, camera, email, messaging, GPS, passwords, and contact lists."

瞭望臺表示：“這是我們見過的最精密的間諜軟件包。它利用了手機在我們生活中被密集使用這一特性、以及只有在手機上纔有的特徵組合--經常連接（wifi，3G/4G網絡）、語音通信、相機、電子郵件、短信、GPS、密碼和聯繫人列表。

NSO has issued a statement acknowledging that it makes technology used to "combat terror and crime" but said it had no knowledge of any particular incidents and made no reference to the specific spyware involved.

NSO方面已經發表了一份聲明，承認他們用技術來“打擊恐怖和犯罪”，但是也表示他們不知曉任何特定事件，也沒有參與到任何特別的間諜軟件中來。