打开链接即被破解及入侵! iPhone出现严重安全漏洞!

Flaws in Apple's iOS operating system have been discovered that made it possible to install spyware on a target's device merely by getting them to click on a link.

日前，在苹果iOS操作系统中，仅仅通过让用户点击一个链接就可以在目标设备上安装间谍软件的漏洞已被发现。

The discovery was made after a human rights lawyer alerted security researchers to unsolicited text messages he had received. They discovered three previously unknown flaws within Apple's code.

该漏洞发现的起因是一名人权律师向安全研究人员报告称，他收到了来路不明的短信。安全研究人员在苹果的代码中发现了三个之前没有查明的漏洞。

Apple has since released a software update that addresses the problem.

自该问题被爆出后，苹果已经发布了一版软件更新来解决这个问题。

The two security firms involved, Citizen Lab and Lookout, said they had held back details of the discovery until the fix had been issued.

据发现漏洞的两家安全公司“公民实验室”和“瞭望台”表示，在苹果发布修复补丁之前，他们一直保守着发现的细节没有泄密。

The lawyer, Ahmed Mansoor, received the text messages on 10 and 11 August. The texts promised to reveal "secrets" about people allegedly being tortured in the United Arab Emirates (UAE)'s jails if he tapped the links.

涉事律师阿姆哈德·曼苏尔分别在8月10日和11日收到了不明短信。这些短信保证说，如果曼苏尔点击链接，就可以知道关押在阿联酋监狱中的人被折磨的“秘密”。

Had he done so, Citizen Lab says, his iPhone 6 would have been "jailbroken", meaning unauthorised software could have been installed.

公民实验室方面表示，如果曼苏尔这样做了的话，他的iPhone 6就会被“越狱”，这就意味着未经授权的软件可以安装在他的手机中。

"Once infected, Mansoor's phone would have become a digital spy in his pocket, capable of employing his iPhone's camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements," said Citizen Lab.

公民实验室表示：“一旦感染上病毒，曼苏尔的手机就会变成一个装在他口袋里的电子间谍，可以用iPhone的摄像头和麦克风来窥探发生在设备周围的活动，记录下他的WhatsApp和Viber calls，获取手机聊天软件发送的信息，并且跟踪他的行动。”

The researchers say they believe the spyware involved was created by NSO Group, an Israeli "cyber-war" company.

研究人员们表示，他们认为本案的间谍软件是由以色列“网络战争”公司NSO组织开发的。

"It is the most sophisticated spyware package we've seen," said Lookout. "It takes advantage of how integrated mobile devices are in our lives and the combination of features only available on mobile - always connected (wi-fi, 3G/4G), voice communications, camera, email, messaging, GPS, passwords, and contact lists."

瞭望台表示：“这是我们见过的最精密的间谍软件包。它利用了手机在我们生活中被密集使用这一特性、以及只有在手机上才有的特征组合--经常连接（wifi，3G/4G网络）、语音通信、相机、电子邮件、短信、GPS、密码和联系人列表。

NSO has issued a statement acknowledging that it makes technology used to "combat terror and crime" but said it had no knowledge of any particular incidents and made no reference to the specific spyware involved.

NSO方面已经发表了一份声明，承认他们用技术来“打击恐怖和犯罪”，但是也表示他们不知晓任何特定事件，也没有参与到任何特别的间谍软件中来。