Apple recently announced its first bug bounty program in order to catch unknown vulnerabilities with the help of outside parties, effectively serving as a rare acknowledgment that it wasn’t always one step ahead when it came to threats. The initiative hasn’t even started yet, but a group of researchers have already uncovered a highly dangerous spyware product ready to take over a person’s iPhone.
The road to discovery began on August 10 with a series of texts received by Ahmed Mansoor, an internationally recognized human rights defender living in the UAE. The messages asked him to click on a link, promising to tell him new secrets about prisoners being tortured in UAE jails.
Mansoor didn’t fall for the bait, choosing to send the communications across to watchdog Citizen Lab instead. The organization in turn made the connection to NSO Group. In its report on the case, it described the latter as an Israel-based cyber war company. The firm apparently sells a highly advanced government-exclusive lawful intercept spyware product called Pegasus.
Citizen Lab then teamed up with Lookout Security to investigate the threat, which the two dubbed Trident since it consisted of three zero-day exploits. According to Lookout, one exploit compromises the phone through Safari, the second allows the attackers to gain information, and the third takes advantage of this to jailbreak the handset and install surveillance software.
Lookout went as far as to term it the most sophisticated attack ever on any endpoint, while Citizen Lab called it a rare find. An iPhone infected with Trident would serve as a portable spying device, able to do things like relaying information through its camera and microphone, tracking its owner’s movements, and recording WhatsApp calls and chats.
Once it had been made aware of the vulnerabilities, Apple promptly issued iOS 9.3.5 to patch up the holes. The fix is being rolled out right now and should be downloaded immediately to shield your iPhone from an attack.