Update your iPhone right now — especially if you’re an activist

Cyber Politics, Security & Privacy

A little iPhone history was made this month — a iOS device was infected by just clicking on a link.

This sort of attack had previously only worked on devices where the owner had purposely installed a “jailbreak” hack.

So before you do anything — even read the rest of this post — you should update your iOS software to the latest version of iOS 9, or iOS 10 beta, which has some nice new privacy features.

Here’s how this historic attack happened, according to The Verge:

Earlier this month, an Emirati human rights activist named Ahmed Mansoor got a suspicious text. It promised new details of torture in the country’s state prisons, along with a link to follow if he was interested. If Mansoor had followed the link, it would have jailbroken his phone on the spot and implanted it with malware, capable of logging encrypted messages, activating the microphone and secretly tracking its movements.

To our cyber security advisor Erka Koivunen, this is a glaring example of a threat that is not “advanced” — as in APT, advanced persistent threat.

Think about what goes into a real APT.

“They do reconnaissance properly and understand what the victim is susceptible to. They have good timing and only create visible noise when it suits their interest,” he told us. “And they have a plan B ready in case someone starts snooping their activities.”

Here, the the most exploitable iPhone vulnerability ever known has now been exposed and patched — for what?

It’s a bit baffling to Erka who compares it to throwing “expensive exploits at this guy like kids throwing rocks.”

You just don’t see zero-day vulnerabilities like this — especially on what had been one of the more secure platforms available — that often.

This has some security researchers thinking:

//platform.twitter.com/widgets.js

So, if you haven’t already, update now.

And if you’re involved in politics in *any way* whatsoever, realize that someone will try to hack you — sooner or later. So beware of those links in strange texts and email attachments in general.

[Image by Sean MacEntee via Flickr]

0 Comments

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

You might also like