A Serious Attack Just Occurred On IPhone

Posted: Aug 26 2016, 10:15am CDT | by , in News | Apple


A Serious Attack Just Occurred on iPhone
Photo Credit: Getty Images

In early August, Ahmed Mansoor, an Emirati human rights activist, received a suspicious test. It told him that there were new details of torture within the state prison system, along with a link to follow if he wanted to learn more. If Mansoor had clicked on that link, his phone would have been jailbroken on the spot. From there, hackers would have implanted his phone with malware that was capable of logging encrypted messages, activating the microphone, and tracking the phone's movements. 

The entire attack is detailed in a new report from security companies Citizen Lab and Lookout Security, who have received the link from Mansoor. This new attack targets three previously undisclosed vulnerabilities within iOS, allowing access to kernel memory, kernel privileges, and arbitrary code execution. When those things are combined, an iOS device can be remotely jailbroken - something that has long been sought-after but hasn't been successfully used in any known campaigns.

Citizen Lab and Lookout reported the vulnerabilities to Apple, and fixes for the problem have already been patched with today’s release of iOS 9.3.5.

Citizen Lab has been able to link the attack to private Israeli spyware group NSO, although we still don't know how they found out they could even do this. Earlier this year, exploit broker Zerodium offered and awarded a $1 million bounty or remote jailbreaking capabilities. This is similar to what was used against Mansoor.

Apple recently launched its own reward system to encourage people to disclose any vulnerabilities that they found, with this highest bounty up to $200,000.

You May Like


The Author

<a href="/latest_stories/all/all/46" rel="author">Noel Diem</a>
Noel passion is to write about geek culture.




Leave a Comment

Share this Story

Follow Us
Follow I4U News on Twitter
Follow I4U News on Facebook

You Also Like


Read the Latest from I4U News