Apple patches iOS flaws used in cyber espionage


By Dylan Bushell-Embling
Friday, 26 August, 2016


Apple patches iOS flaws used in cyber espionage

Apple has issued a new patch for three critical iOS vulnerabilities used in malware designed for “cyber war” purposes such as eavesdropping on political dissidents and rivals.

Citizen Lab — a research lab from within the University of Toronto’s Munk School of Global Affairs — and researchers from Lookout Security discovered the existence of three major zero-day iOS vulnerabilities capable of subverting Apple’s security environment.

The three vulnerabilities have been collectively dubbed “Trident” by the researchers. Trident is used in a spyware product called Pegasus.

A Citizen Lab investigation determined that Pegasus had been developed by NSO Group, a secretive Israeli-based organisation that reportedly specialises in cyber war.

The malware was originally discovered in an apparent state-sponsored phishing attack against UAE political dissident Ahmed Mansoor, which if successful could have turned his unpatched iPhone into a sophisticated bugging device controlled by UAE security agencies. Spies would also have been able to log Mansoor’s emails and calls and track his precise whereabouts.

Citizen Lab said the company was also able to identify at least two other suspected NSO Group-related targeted digital attack campaigns — one against a Mexican investigative journalist and the other against an opposition politician in Kenya.

Citizen Lab and Lookout Security worked with Apple to address the vulnerabilities in the latest iOS patch, which has now been released as iOS 9.3.5.

In more bad news for Apple, reports are circulating of a widespread issue with the touchscreens of iPhone 6 and 6 Plus smartphones becoming unresponsive after repeated use.

Repair guide company iFixit said in a blog post that every repair tech the company has spoken to has reported an influx of faulty iPhones, all with the same problem, which iFixit calls “Touch Disease”.

A telltale symptom of Touch Disease is a grey flickering bar at the top of the display. The issue often progressively gets worse until the device stops responding to touch completely.

Replacing the screen does not fix the problem, because the issue can reportedly be traced to the two touchscreen controller chips on the iPhone’s logic board.

According to the report, while the issue is widespread Apple does not acknowledge the problem, so Apple store employees are unable to help customers out of warranty. Apple also does not support third-party repair shops, so does not inform customers that a fix is available that does not involve buying a brand new device.

Image courtesy of Steve Terrell under CC

Related Articles

Strategies for navigating Java vulnerabilities

Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...

Not all cyber risk is created equal

The key to mitigating cyber exposure lies in preventing breaches before they happen.

How AI can help businesses manage their cyber risks

Artificial intelligence can be a powerful ally in the fight against cyberthreats.


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd