And quite the heads up move by Ahmed Mansoor to recognize the suspicious text for what it was and send it to the research team instead of clicking the link. If this thing really has been going since iOS 7 that means he is the outlier in taking precautions.
FTA: He had been targeted previously by FinFisher AND Hacking Team's malware. Avoiding malware is nothing new to this guy, something this NSO Group should have taken into account when they came up with their spear-phishing attack.
Sure but how is that responsive to parent's point about Mansoor being an "outlier in taking precautions"? The reason he found out about the previous attacks was likely because he took similar precautions:
"When Ahmed Mansoor opened the document, his suspicions were aroused due to garbled text displayed. His email account was later accessed from the following suspicious IPs.."
Then again, he's not some comfortable first-world programmer who makes $100K a year and enjoys talking about infosec and opsec as a fun diversion, he's a guy living in a repressive third-world dictatorship who has put his entire life on the line for the human rights of others and probably has little to no computer science or infosec education, so, maybe cut the guy some fucking slack.
NSO Group claims not to launch attacks itself; rather it only sells tools to do so. So it might even be that the same government has targeted him with all three hacking tools.
