The attempted hack took advantage of three zero-day exploits that would have allowed the attackers to jailbreak Mansoor's iPhone and install spyware to track his movements, record his WhatsApp and Viber calls, log his messages and access his microphone and camera. Mansoor did not click on the link sent to his phone that would have enabled these capabilities, instead alerting Citizen Lab researchers.

Given the high cost of iPhone zero-days and the use of a government-specific spyware product, Citizen Lab believes the UAE is behind the attack. The UAE has previously targeted Mansoor.

"We are not aware of any previous instance of an iPhone remote jailbreak used in the wild as part of a targeted attack campaign, making this a rare find," Citizen Lab writes.

Once Citizen Lab discovered the zero-days, it contacted Apple and says the company responded promptly. Apple released a software update today, iOS 9.3.5, that addresses the three flaws.