Researchers at the University of Toronto’s Citizen Lab have identified an exploit for recent versions of iOS that has been used by surveillance tech companies to break into iPhones. The exploit uses a technique to circumvent the recently added BlastDoor feature, which filters incoming message data and is supposed to make attacks like this more difficult.
An attacker could compromise an iPhone by sending a text message to it. The recipient would not need to click or view the message for the exploit to be effective.
There is currently no mechanism by which an iPhone user can independently identify whether they have been affected. Potentially affected devices need to be professionally examined to determine whether they have been compromised; however, all devices listed under Affected Products do carry the vulnerability.
Apple would not confirm that the most recent patch fixes this issue. It is therefore likely that the exploit is still functional in the most recent version of iOS (14.7.1).
Containment, Mitigations & Remediations
Citizen Lab believes that this attack could be prevented by disabling iMessage and FaceTime. However, this would mean that texts sent using the built-in Messages app would be unencrypted. Other third-party applications that offer end-to-end encryption could be used in place of iMessage or FaceTime; however, these may carry their own risks and should be chosen at the user’s discretion.
Indicators of Compromise
There are currently no IoCs that can be actively monitored for on a device.
The exploit has been developed by the NSO Group, an Israeli-based surveillance company that came to prominence recently following the disclosure of lists of telephone numbers being targeted by the organisation and its clients. It is, however, likely that, given the disclosure of the exploit, others will seek to reverse engineer or independently identify the vulnerability in order to use it for their own means.