iOS Update Prevents Snooping Via Remote Jailbreaks

...

Apple's latest security update for its iOS mobile operating system patches a serious flaw that allowed malware to spy on a user's phone calls and text messages, according to a human rights watchdog.

Citizen Lab, a Canadian research group that analyzes cyber security, published a report this week claiming that a prominent human rights activist received a text message from a "cyber war" company with a link to malware that would have jailbroken his iPhone and installed surveillance software.

The activist, Ahmed Mansoor, did not tap on the link, and instead forwarded it to Citizen Lab. Working with a US mobile security company, researchers there identified it as an exploit connected to NSO Group, an Israeli company best known for selling a government-exclusive "lawful intercept" spyware product called Pegasus.

Had Mansoor activated the malware, it would have remotely jailbroken Mansoor's iPhone and allowed NSO to use the camera and microphone to snoop on his activity, according to Citizen Lab. His WhatsApp and Viber calls would have been vulnerable, in addition to the location recorded by the phone's GPS.

Highlighting the rare nature of the exploit, Citizen Lab wrote in its report that "[w]e are not aware of any previous instance of an iPhone remote jailbreak used in the wild as part of a targeted attack campaign."

Apple on Thursday released the latest version of iOS, 9.3.5, which it described as fixing issues identified by Citizen Lab. The update includes two improvements to how iOS devices access memory, as well as a patch that prevents visits to a "maliciously crafted website" from remotely executing arbitrary code.

Categories
APPLICATIONS
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    OnePlus Starts Pushing Nougat Update to OnePlus 3 and 3T

    On New Year’s Eve, OnePlus squeezed in a couple of announcement posts to share to the world that Android Nougat is here for the OnePlus 3 and OnePlus 3T.Related, though, they also released a beta of Nougat for the OnePlus 3T, for those who don’t want to wait for the stable build.
  • 5300c769af79e

    27 Open Source DevOps Tools In 7 Easy Bites

    I recently wrote an article featuring 25 DevOps vendors worth watching.However, in the world of DevOps, there are an awful lot of good tools that don't really have a vendor attached, and I thought it was time to give the open source tools their due.
  • 5300c769af79e

    Andrew Horne - Authors & Columnists

    9/14/2016When Andrew Horne, IT practice leader at consulting firm CEB, talks with IT professionals about digitization, the term itself is often greeted with eye rolling.But it's a buzzword business leaders are excited about.
  • 5300c769af79e

    Be Careful Who You Troll in the UK

    Twitter might still be struggling with how to combat trolls, but in the UK, authorites have added new offenses to the list of online behaviors that could land you in hot water with the Crown Prosecution Service (CPS).Released during Hate Crime Awareness Week in the UK, the rules help attorneys effectively bring legal action against social media harassers.