Security experts at iVerify have identified signs of a surveillance campaign targeting iPhone users in both the United States and Europe. The victims include a member of the government of an EU country, political campaign managers in the United States, journalists, and even employees of an artificial intelligence company.
For Apple, this is not a security breach
The attack relies on an iOS feature that triggers a notification when a contact's name or photo changes in iCloud. This is believed to have been used to interact with the targets' devices. Of the six iPhones analyzed, three experienced abnormal crashes, which iVerify considers suspicious.
In one case, the victim received an alert message from Apple about a month after their iPhone exhibited one of these malfunctions. The manufacturer regularly does this to warn of suspicious activity.
This is where the confusion arises. Apple acknowledges that a bug existed in this feature, fixed in iOS 18.3. However, the company denies that this bug was exploited to compromise devices. Ivan Krstić, Apple's head of security, claims that internal analyses revealed no signs of an attack and accuses iVerify of failing to provide convincing technical evidence. Good vibes...
"We have thoroughly reviewed the information reported by iVerify, and we strongly disagree with the idea of a targeted attack," he told Axios. Apple insists it was a simple software bug, with no evidence of malicious exploitation.
Despite this disagreement, iVerify is making its findings public after consulting with several major tech companies and four European government entities. The goal is to increase vigilance among cybersecurity researchers. "This is a cluster of clues that cannot be ignored," said Rocky Cole, COO at iVerify. At this point, no group or state has been formally identified, but some of the targeted profiles had already been monitored by entities linked to China. iVerify recommends that high-risk users enable iOS's Isolation Mode, a stronger spyware protection mechanism. This mode could have prevented the observed incidents.
Source: Axios