Skip to content

Trending tags

Update your iPhone right now — especially if you’re an activist

Jason Sattler

26.08.16 2 min. read

A little iPhone history was made this month — a iOS device was infected by just clicking on a link.

This sort of attack had previously only worked on devices where the owner had purposely installed a “jailbreak” hack.

So before you do anything — even read the rest of this post — you should update your iOS software to the latest version of iOS 9, or iOS 10 beta, which has some nice new privacy features.

Here’s how this historic attack happened, according to The Verge:

Earlier this month, an Emirati human rights activist named Ahmed Mansoor got a suspicious text. It promised new details of torture in the country’s state prisons, along with a link to follow if he was interested. If Mansoor had followed the link, it would have jailbroken his phone on the spot and implanted it with malware, capable of logging encrypted messages, activating the microphone and secretly tracking its movements.

To our cyber security advisor Erka Koivunen, this is a glaring example of a threat that is not “advanced” — as in APT, advanced persistent threat.

Think about what goes into a real APT.

“They do reconnaissance properly and understand what the victim is susceptible to. They have good timing and only create visible noise when it suits their interest,” he told us. “And they have a plan B ready in case someone starts snooping their activities.”

Here, the the most exploitable iPhone vulnerability ever known has now been exposed and patched — for what?

It’s a bit baffling to Erka who compares it to throwing “expensive exploits at this guy like kids throwing rocks.”

You just don’t see zero-day vulnerabilities like this — especially on what had been one of the more secure platforms available — that often.

This has some security researchers thinking:

//platform.twitter.com/widgets.js

So, if you haven’t already, update now.

And if you’re involved in politics in *any way* whatsoever, realize that someone will try to hack you — sooner or later. So beware of those links in strange texts and email attachments in general.

[Image by Sean MacEntee via Flickr]

Jason Sattler

26.08.16 2 min. read

Categories

Highlighted article

Related posts

Close

Newsletter modal

Thank you for your interest towards F-Secure newsletter. You will shortly get an email to confirm the subscription.

Gated Content modal

Congratulations – You can now access the content by clicking the button below.