People believe that iPhones are secure, however new reports out today have Apple scrambling to fix vulnerabilities that are actively being exploited.
There are three flaws that have come out, and all are known as 0-day (zero day). These flaws were previously unknown and based on what some users are saying has been in use for years. At least from 2014.
The flaws allow the attacker (or government in this case) to take over a victim’s phone when they click on a link in a text message. This description of the flaw is according to Lookout a cybersecurity firm that looks for security holes in mobile products, and Citizen Lab at the University of Toronto’s Munk School of Global Affairs.
“This is the most sophisticated bad actor we have ever seen targeting mobile phones out in the wild,” said Mike Murray, vice president of security research at Lookout.
The Spyware was discovered when pro-democracy activist Ahmed Mansoor received two text messages promising “secrets” about prisoners tortured in United Arab Emirates jails. He was immediately suspicious as he has been the target of Malware before and has been jailed for activism before. The past incidents of Malware have been traced back to the UAE government by security researchers.
Apple has since released a new version of iOS that fixes the flaw and is encouraging all users to update to the latest version as soon as possible. Fortunately this should protect users from this immediate threat as Apple’s devices are update more regularly than Android.