Apple iPhone Easily Remotely Hijacked with a Simple Familiar Text Message - Update to Avoid

Apple iPhone Easily Remotely Hijacked with a Simple Familiar Text Message - Update to Avoid

Are you an iPhone/iPad user? Is there a pending update for it? If so get it and update it now because according to Lookout security company and the Internet watchdog's that are Citizen Lab have discovered a zero-day hack that comes in the form of a simple text message which when activated by visiting the link, jail breaks and infects your iPhone or iPad installing malware that gives the hackers access to everything on your phone and is able to even log encrypted messages.

Even being able to activate the microphone and camera and hear everything around you as well as whatever the camera sees and tracking the movements of your device. They are also able to use the device to send the same message to all the people on their contacts list and email accounts list too. Spreading the zero days hack even further.

According to news reports this came to light after a Ahmed Monsoor who is a human rights activist, nearly had his iPhone hijacked to one of the zero-days being sold on the net right now. There are actual Israeli firms that are selling iOS zero-day hacks to hackers so they can hack and jikack your iPhone or iPad. He just got a simple familiar looking SMS text message on his iPhone with something he might have been interested in knowing. It was to find out more details about torture in state prisons, something he would have been interested in as an human rights activist, and there was a link to click on to read the article.

Fortunately for Ahmed he never clicked the link and decided to report it. But had he done so, his iPhone would have been instantly jail broken and infected with malware which is able to log and read encrypted messages, turning on the microphone and tracking it's movements around on the map. But if that wasn't ridiculous enough, the zero-days is being sold to world governments, world leaders and authorities by an Israeli cyber war group called NSO Group. But you can't exactly read up on NSO on some Wikepedia page. They're such a secretive group that they often change their name as a way to cover their tracks and avoid any unnecessary exposure and are said to be responsible for distributing a powerful, government-exclusive spyware product called Pegasus.

Since this came to light, both Lookout and Citizen Lab have investigated the hack attempt and reported it to Apple which have since rolled out a patch for in an update as well as three other previously unknown zero day hacks that Apple have rolled out a patch for now. They're known as "zero days" because before now Apple didn't know about it until now. The hackers gain complete access and control of the infected device by a simple and familiar spear phishing SMS text message. Familiar because it was for something he was already interested in and that shows the lengths that these hackers will go to.

This particular group were specifically targeting people humanitarians & journalists in Yemen, Turkey, Mozambique, Mexico, Kenya, and the UAE. Apple said in a statement "We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5. We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits."

So if you're an iPhone user, are an humanitarian or journalist in Yemen, Turkey, Mozambique, Mexico, Kenya, and the UAE. Or both. You should update your iPhone/iPad to the latest iOS update 9.3.5. If you can't, try not to click on any links in emails or SMS text messages or from anywhere else like Whatsapp, Facebook etc etc until you are able to update and get the patch.

Not even anything familiar. This is how they get you! Hackers are getting very clever in the way they'll try to get you to open something or click on the link. Gone are the days when they would send out a billion messages or SMS' to random numbers. Now they do their homework and research first. Now they find out the background of the people they are sending their zero days to. Making the message much more likely to be opened and clicked on.

Sending a scientist something that says something about the latest theory will probably mean they're more interested to click that. Sending a teacher something about how school teachers are going to get paid double their salary by 2017 under new government rules (although a lie) will make it likely for that teacher to click that to check it out. Especially when it comes from someone on your contacts list or another scientist or teacher.

This is not a new trick though but it is a reminder. When it comes to messages and even SMS texts and stuff you get. Never trust it even if it's from someone you know!