
Hacking Campaign Targets iPhone Users With Data-Stealing, Location-Tracking Malware (zdnet.com) 37

ZDNet reports on a new mobile malware campaign that is "gaining access to iPhones by tricking users to download an open-source mobile device management (MDM) software package." From the report: Once in control, the unidentified hackers can steal various forms of sensitive information from infected devices, including the phone number, serial number, location, contact details, user's photos, SMS, and Telegram and WhatsApp chat messages. Thirteen users -- all in India -- have been compromised in the attacks, which have been detailed by Cisco Talos. Those infected use a range of iPhone models and are running iOS versions ranging from 10.2.1 to 11.2.6. The campaign has been active since August 2015. The attackers take control by using the MDM package, which can give attackers complete control of the device and the ability to install fake versions of real apps.

Two different MDM services are used in the campaign, enabling system-level control of multiple devices from one location and the ability to install, remove and exfiltrate data from apps. One method of stealing data comes via malicious versions of messaging services like Telegram and WhatsApp being pushed onto the compromised device via fake updates. The apps look legitimate to the user, but malicious code sends information -- including messages, photos and contacts -- to a central command and control server. Deploying these apps requires a side-loading injection technique, which allows for the ability to ask for additional permissions, execute code and steal information from the original application.

  • Old Tricks (Score:2, Insightful)

    by Anonymous Coward

    You know, these used to just be called "Trojans". But that long-winded description works, too.

  • Seems like MDM is a codeword for what we call "antivirus" on a PC/Mac. The antivirus developers have been given hooks that go all the way to BIOS, while a typical program can't touch system files nor the BIOS. We expect the certified antivirus programs to play by rules, but there's nothing preventing things like Norton's occasional behavior of starting P2P hole checks that end up overflowing the internet pipes.

    So, here we are with a bunch of India cases of users trusting malware as their iPhone MDM/antiviru

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Seems like MDM is a codeword for what we call "antivirus" on a PC/Mac. The antivirus developers have been given hooks that go all the way to BIOS, while a typical program can't touch system files nor the BIOS. We expect the certified antivirus programs to play by rules, but there's nothing preventing things like Norton's occasional behavior of starting P2P hole checks that end up overflowing the internet pipes.

      So, here we are with a bunch of India cases of users trusting malware as their iPhone MDM/antiviru

    • by Anonymous Coward

      MDM is an acronym for Mobile Device Management. Of course, you would know that if you read the article, or had a business issued or connected device.

  • An iOS clone, with nothing added, just different listeners for the data....
  • Hacking Campaign Targets iPhone Users With Data-Stealing, Location-Tracking Malware

    Did anyone else initially read the headline as being about a political campaign using iPhone malware to research their target voters?
