If you are an iPhone user and have yet to install the latest iOS update – iOS 9.3.5 – you need to do that right now. Go ahead. I’ll wait.
While that’s downloading, here is why this update is vital: a new piece of malware has been discovered that has the ability to install itself on your device, steal your data, and then uninstall itself without a trace. Reports from both the New York Times and Motherboard published August 25th explain that this update patches three major security holes that could be exploited by hackers, giving them access to virtually all of the private data stored on your iOS device.
These vulnerabilities were discovered by Ahmed Mansoor, a human rights activist from the United Arab Emirates, according to both articles. Mansoor received a suspicious text message with a link that claimed to be able to provide “new secrets about the torture of Emiratis in state prisons.”
Had Mansoor clicked that link, he would have been redirected to a site created to exploit the three aforementioned flaws and had malware installed on his iPhone, giving remote hackers full access to his device. Luckily, Mansoor instead alerted Citizen Lab, an interdisciplinary lab based at the Munk School of Global Affairs at the University of Toronto.
Citizen Lab focuses its research on the intersection of human rights and security. They were able to trace the source to NSO Group, an Israel-based “cyberwar” company reportedly owned by Francisco Partners Management, an American venture capital firm that sells spyware solutions to government agencies.
Additional research from cybersecurity firm Lookout revealed the three exploits – known as “Trident” – are “zero-day” level. Zero-day means that the malware starts running the second it’s activated. In this specific case, once the link is opened, the malware automatically installs itself and begins to track everything on and around the infected device.
Had Mansoor’s device become infected, it would have transformed into a miniature digital spy, with hackers having the control to activate the phone’s camera and microphone at will to pick up on nearby conversations, as well as feeding data from his various apps to parties unknown.
If Mansoor had not come forward with this information, the malware would have continued to go unnoticed, likely infecting other devices.
It should be noted that while any iOS device could be targeted by this malware, both Trident and “Pegasus” (the type of malware sold by NSO) are mainly used to target journalists, activists, and dissidents in volatile regions such as the United Arab Emirates, Mexico, Kenya, Mozambique, Yemen and Turkey.
Apple was notified immediately, and the iOS 9.3.5 update was released to the public ten days later. The iOS platform benefits greatly from its tightly-integrated hardware and software in situations like this. As all of Apple’s devices run on the same core software, patches and updates can be tested and deployed in a fraction of the time it would take a platform like Android to do the same.
Developers like Apple and Google work diligently to keep their platforms secure and their users safe. It’s important to keep up to date with the latest available version of software for your device in order to protect your device and your data.
Want to learn more about the steps you can take to protect your personal and business data from malware and hackers? Contact the Onserve team at sales@onserve.ca or (877) 996-6622. We’re the trusted IT experts for businesses in {area}.