On August 25, Apple issued a “critical iOS update” designed to patch multiple zero-day security vulnerabilities which could conceivably allow a cyber attacker to take full control of any iPhone remotely “simply by clicking a link,” as “Digital Goddess” Kim Komando put it in her update on this subject on August 26. For those not aware of recent developments in the hacker and cybersecurity world, a zero-day attack is one that exploits security vulnerabilities that the software's engineers and vendors were previously unaware of. The specific threat has been named “Trident” by security outfit Lookout and Internet vigilante Citizen Lab, and can reputedly turn any iPhone – of any generation – into a data and privacy spying tool via the installation of sophisticated spyware.
Understanding Digital Spying
According to security researchers, once an iPhone is infected with this spyware, the device becomes a “digital spy” that attackers can use to snoop on and record information on the device and in its vicinity via the camera and microphone. The spyware can:
- Record phone calls
- Log messages and texts
- Track the location of iPhone owners
- Record audio and video of in-person private conversations
Uncovering the Spyware Agenda
It was only after the iPhone of United Arab Emirates human rights defender Ahmed Mansoor was targeted with texts containing malicious links that the spyware “exploit chain” was uncovered by Lookout and Citizen Lab (Check out his full report here). Mansoor wisely did not click on the links, but instead forwarded the messages to Citizen Lab researchers, who traced the links and spyware chain – with help from Lookout – to a three-step zero-day exploit chain that could have resulted in a jailbroken iPhone and a spyware program called Pegasus being installed.
Exploiting Vulnerabilities
The main culprit in all this seems to be an organization called NSO Group Technologies Ltd., an outfit that has labelled itself “a leader in mobile and cellular cyber warfare”. It has been further determined that Trident consists of three main iOS security vulnerabilities, officially known as CVE-2016-4657, CVE-2016-4655 and CVE-2016-4656; explanations of their details can be found on the linked pages. All of this has led to Apple’s release of security update 9.3.5 on August 25th, which the company says is critical for all iPhone users to apply to their iPhones or iPads.
How to Update Your Apple Device
To apply Apple’s security fix, go to Settings > General > Software Update, and your device will automatically check for available updates or the latest version of iOS. It will show version 9.3.5 as available. Tap the “download and install” button to start the update process. Your iPhone passcode may be required to update, but beyond that everything should be automatic. You should receive a message that says “Your software is now up to date.”
Veltec Networks is the leader in providing managed IT services in San Jose. Contact our expert IT staff at (408) 849-4441 or send us an email at info@veltecnetworks.com if you have any concerns about iPhone updates and any mobile device security vulnerabilities, and we will be happy to answer any and all your questions.