3aIT Blog

 

A very nasty threat Apple's mobile devices (iPhones, iPads and iPods) emerged last week. For those that aren't interested in the details, the short version is that you should ensure that you've installed the latest update that Apple have released (iOS 9.3.5).

A malware exploit called "Trident" was discovered by security experts. In brief, this gives an attacker complete access to messages and emails, the ability to listen to calls, access to wireless passwords... Essentially, complete access to your phone.

The most worrying thing about this attack is how easy it is to fall victim to it. All the user needs to do is click a link on a dodgy website, and that's it. The phone is then infected.

This exploit was being specifically targeted at various people of interest. In particular, Ahmed Mansoor (a human rights activist) tipped off security experts to this flaw. The New York Times also suspect that its journalists have been targeted.

As is often the case, details of the bugs in the code that allowed this attack were not released to the general public until Apple had a fix in place. Therefore, it is unlikely that most people will have been exposed to this attack up until this point. However, now the details have been released, it may be possible for other people to engineer malware that exploits the same flaws. Therefore, it is crtitical to ensure that you install the update mentioned above if you haven't already.