Apple warns of targeted mercenary spyware attacks on iPhones. Experts recommend daily reboots, lockdown mode, and analyzing system logs for potential infections.
Boris Larin, Principal Security Researcher at Kaspersky’s GReAT:
Apple notified some users worldwide of potential mercenary spyware attacks. It’s important to understand that these cyberattacks are highly targeted and aimed at specific individuals. Such attacks require substantial resources and advanced technical expertise. If such an actor targets you, it’s not a matter of “if” but “when” you’ll be infected.
Also Read: What’s All the Buzz About AI Wealth Managers?
If users suspect they might be of interest to attackers, Kaspersky experts recommend daily reboots. This can help clean the device, forcing attackers to reinfect repeatedly, thereby increasing the chances of detection over time. Apple’s newly introduced lockdown mode has also effectively blocked iOS malware infections. Disabling iMessage and FaceTime features also reduce the risk of falling victim to zero-click exploits.
It’s crucial to remember that while iPhones have robust security features, they are not completely immune to attacks as malicious actors continually refine their techniques. Additionally, the closed nature of iOS limits contributions from the broader cybersecurity community, making it challenging to develop full-scale security solutions that complement Apple’s built-in protections.
Also Read: Manufacturing’s Digital Dilemma: Balancing Innovation with Cybersecurity
Lastly, it’s essential to regularly check backups and sys diagnose log files. Pegasus and previously reported Operation Triangulation attacks proved that infections leave traces in the system log, Shutdown.log, stored within any mobile iOS device’s sys diagnose log files. Earlier this year, our team introduced a lightweight method to detect indicators of infection from sophisticated iOS spyware like Pegasus, Reign, and Predator by analyzing Shutdown.log, a previously unexplored forensic artifact.Â
