Apple Warns iPhone Users in 98 Countries of Spyware Attacks (techcrunch.com)
Apple has issued a new round of threat notifications to iPhone users across 98 countries, warning them of potential mercenary spyware attacks. It's the second such alert campaign from the company this year, following a similar notification sent to users in 92 nations in April. TechCrunch: In its communication to affected users, Apple stressed the sensitive nature of its threat identification methods, cautioning that divulging additional details could potentially aid attackers in evading future detection. Apple has also made a notable shift in its language since last year, opting to describe these incidents as "mercenary spyware attacks" instead of the previously used term "state-sponsored" attacks.
Apple mercenary spyware /s (Score:3)
Re: (Score:2)
That was for Apple silicon Macs, not iPhones, and it did not allow remote access.
It leaked crypto information to a user-level process running on the same CPU. It isn't a vulnerability that affects most users.
Re: (Score:2, Insightful)
It leaked crypto information to a user-level process running on the same CPU. It isn't a vulnerability that affects most users.
Most users don't use crypto? I guess I hallucinated all those https URIs.
Re: Apple mercenary spyware /s (Score:2)
Well, leaking a TLS session key to a local log file after the session disconnects would be an example of a crypto leak that you don't have to worry much about.
Re: (Score:2)
That can still be a leak. For example, if I'm using an E2EE messaging platform, write a message, then close that window, if something can leak the ephemeral keys used in that session, that could be compromising.
Apple's hardware crypto support is odd too. IIRC, it only allows the OS and Apple stuff to use it, while if one wants to use AES with Chrome, it needs to be done via a software implementation. This might have changed, though.
Re: (Score:3)
It was actually making a mockery of the whole security reporting thing.
It's actually 2 bits in a register that shouldn't be accessible (they are reserved) but are.
Two processes could use those two bits to communicate with each other, but they have to be aware of those bits to begin with.
So yes, it could
Interesting; I wonder why... (Score:3)
That seems like it could imply three potentially quite different things: one would be Apple holding the same internal position as ever about the nature of the attacks; but someone from legal or regulatory affairs or the like insisting that less combative language is better for business. Another would be that Apple is either less focused on or less certain of attribution and (sensibly) isn't making claims they aren't reasonably sure of. The third would be that Apple has concluded that there has been a change in the availability of reasonably high end iOS attacks; and capabilities that historically suggested that a state actor was interested in you are now commercially available (not necessarily on the same tier as the stuff dismissively referred to as 'commodity', down where the phish toolkits and pre-canned attacks for known but commonly unpatched flaws live; but the sort of thing that a commercial actor with deep pockets or a state agent with basically zero in-house expertise but some procurement power would both have).
Re:Interesting; I wonder why... (Score:4)
Most likely the Chinese government told them to stop it because the blame in US media always gets pointed at China when anyone says "state sponsored". Apple is very compliant with requests from the CCP.
Re: (Score:1)
Most likely the Chinese government told them to stop it because the blame in US media always gets pointed at China when anyone says "state sponsored". Apple is very compliant with requests from the CCP.
If I had mod points, you'd get 'em for this. It's the very first thought I had about the change in wording. China pretty much dictates to Apple how it may behave if it wishes to continue to swim in their very large pond of consumers. Apple complies.
Re: (Score:1, Informative)
Every country does the same thing. They're called "laws" and "regulations".
Re: Interesting; I wonder why... (Score:2)
Really? When I hear state sponsored hacks I think of Russia or North Korea. I'm sure China does plenty too, but the big stories I've heard seem to be mostly about Putin's Russia or crypto hacks used in NK to fund their government.
Re: (Score:2)
These days I would counter that state-sponsored cyber crime is more likely to originate in Russia, or from Russian interests than China.
how does it work? (Score:2)
Re: (Score:2)
Usually it's the delivery of a malicious payload via an instant messaging app like iMessage, Signal, WhatsApp, etc. iMessage gets all the attention but all of them are at risk since the vulnerabilities are in the operating system and can be reached via any of those messenger apps, it's not actually a vulnerability in the messaging app that's the issue. Your device receives the message and automatically starts processing it which triggers the exploit. You never see the new message notification or message itself since the attacker already controls your device before it would get to that point and deletes it. Check out the Am I Secure? app on the App Store, has good advice on protecting your device. I'm a subscriber to their scanning service since they already caught some attacks against their users.
Well, apparently not all attacks against you...
https://www.numbersstation.app... [numbersstation.app] Can also happen via a link to a malicious web site (although that's more obvious and easier to avoid) as well as network injection where an attacker has network level access and simply steers your device to malicious websites even when you go to a legitimate one.
No need to steer you to another website. I presume that it can spread via another already infected user posting gibberish to a social media site.
But but... How can this be?!?? (Score:2)
Apple's ecosystem is hermetically closed and Apple rigorously vets all apps that run on your Apple device, and won't even let a browser other than their own go on the intarwebs.
Could it be that they're not in fact doing all that for the users' safety and privacy? Could it be that their platform is in fact just as vulnerable as all the others? Say it isn't so!
Re: (Score:2)
IIUC, it's not as vulnerable as, say, MS Windows. It's reputably considerably better. But anyone can be attacked.
Re: But but... How can this be?!?? (Score:2)
I'm curious if Windows security issues would be similar if all the software came from an app store. Almost every Windows vulnerability I hear about is related to the user installing shit. The other types of vulnerabilities, everyone gets once in a while.
Re: (Score:2)
You're misrepresenting what Apple claims, with the exception of not permitting non-WebKit based browsers. Were I being pedantic I would point out that on my iPhone I have Chrome, Edge, and Safari... but under the hood there's a single engine, so... point acknowledged.
Apple has a list of things they "check" for applications. It does not constitute a promise or guarantee of invulnerability, perfection, and ideal security. If you think it does, that's an assumption on your part. It has NEVER been claimed to be
Re: (Score:2)
No they haven't. Apple hasn't deleted a single app from a user's device remotely. We don't know if it's even possible for them to do it as it's never been done. So [citation needed].
We DO know that there's a check to see if an app can run. However, it's in location services. So if an app doesn't use location services, there is no way Apple can disable the app. And that only