Apple Releases Emergency iOS Upgrade After ‘Rare’ Spyware Found
Earlier this month, human rights activist Ahmed Mansoor of the United Arab Emirates received text messages on his iPhone asking him to click on an included link. Little did he know, had he clicked on that link, his iPhone would have become a tracking device enabling a hacker to use his camera and microphone remotely.
According to citizenlab.org, Mansoor forwarded the messages – without clicking on the links – to the researches at Citizen Lab, who then detected the messages came from Israeli-based NSO Group. The research organization, in conjunction with Lookout Security, alerted Apple of the hack – one that had not been seen in the past.
“We are not aware of any previous instance of an iPhone remote jailbreak used in the wild as part of a targeted attack campaign, making this a rare find,” Citizen Lab reported.
Rare, indeed. According to one researcher with Lookout, the spyware was “the most sophisticated spyware package we have seen in the market,” the Telegraph reported.
Once Apple was notified by researchers, it addressed vulnerabilities and released iOS 9.3.5, which blocks the malicious spyware now dubbed Trident. Apple is now urging all iPhone users to upgrade to the iOS 9.3.5 patch.
On Apple's support page, a statement reads, "For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available."
The 9.3.5 upgrade is available for iPhone 4s and later, iPad 2 and later, and iPod Touch (5th generation) and later. The upgrade was released Thursday, Aug. 25.
Enterprise execs should encourage their employees to update their OS and also warn about not clicking on links, especially those coming from unknown senders.