Distributed Workforce, OT Security

Apple iOS Hit Hard By Sophisticated Malware Attack

After human rights activist, Ahmed Mansoor, received a text from an unknown number promising to expose “secrets” about people undergoing torture, he became suspicious.

The random link had the power to infect Mansoor’s phone, effectively creating a digital spy. The spyware invading Mansoor’s phone has been deservedly named a “one tap” attack because it only requires victims to click on one link to become infected.

Once infected, the hackers have access to an iPhone’s camera and microphone to reach activity in the vicinity of the device and are able to intercept every call and text message.

The hackers have access to all e-mails, contacts and FaceTime calls. Essentially, the attackers have open access to every communication mechanism on the phone—the Facebook app, Skype, WhatsApp, Viber, WeChat, Telegram and more, including all messages.

Besides just stealing communicative data, the malware also constantly updates GPS information and sends it to the command and control server, steals credentials from every Wi-Fi network the user has connected and grabs stored Apple router passwords.

Despite the magnitude and severity of this attack, it is likely that most users will not be affected given the sophisticated and targeted nature of this malware. However, Apple users should immediately update their device to iOS 9.3.5, which blocks the attack.

Jenny Lewis is an associate at Nixon Peabodya global law firm specializing in complex challenges in litigation, real estate, corporate law and intellectual property anywhere in the world. Read more Nixon Peabody blogs here.

Nixon Peabody

At Nixon Peabody, we see 21st century law as a tool to help shape our clients’ futures. We are constantly thinking about what is important to our clients now and next so we can foresee obstacles and opportunities in their space and smooth the way. We work together to handle complex challenges in litigation, real estate, corporate law, intellectual property, and finance anywhere in the world.