A Warning for all iPhone Users

An internationally recognized human rights activist in the United Arab Emirates (UAE) recently received text messages on his Apple iPhone that promised to provide detailed information about the torture occurring in UAE prisons by simply clicking on links in the text messages. The activist was suspicious of the links and thought they were possible phishing attempts. Instead of clicking the links, the activist notified Citizen Lab whose researchers tied the links to NSO Group, a “cyber war” company that sells a government-exclusive “lawful intercept” spyware product. After a thorough examination, Citizen Lab and Lookout Security determined that the links led to a series of zero-day exploits that remotely jailbreak an iPhone and install sophisticated spyware. This new exploit chain has been named Trident.

Risk: If you are infected by Trident, your iPhone will become a digital spy. This exploit is capable of spying through the iPhone’s camera and microphone, as well as recording calls, logging instant messages, and tracking movements. This spyware is capable of infecting your iPhone, iPad, and iPod.

Remediation: Apple has released an update (iOS 9.3.5) to their popular iOS mobile software that Apple claims fixes the vulnerabilities that could lead to your iPhone, iPad, or iPod being exploited by Trident. In order to update your Apple devices, follow these steps:

1. Open “Settings”
 2. Select “General”
 3. Select “Software Update” (which requires a network connection)
 4. The most recent update, 9.3.5, should appear; select “Download and Install”

-Team PhishTrain

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.