Operation indiscriminately infects iPhones with spyware

Researchers say suspected nation-state hackers infected Apple iPhones with spyware over two years in what security experts on Friday called an alarming security failure for a company whose calling card is privacy.

A mere visit to one of a small number of tainted websites could infect an iPhone with an implant capable of sending the smartphone owner’s text messages, email, photos and real-time location data to the cyberspies behind the operation.

“This is definitely the most serious iPhone hacking incident that’s ever been brought to public attention, both because of the indiscriminate targeting and the amount of data compromised by the implant,” said former U.S. government hacker Jake Williams, the president of Rendition Security.

Announced late Thursday by Google researchers, the last of the vulnerabilities were quietly fixed by Apple by February but only after thousands of iPhone users were believed exposed over more than two years.

The researchers did not identify the websites used to seed the spyware or their location. They also did not say who was behind the cyberespionage or what population was targeted, but experts said the operation had the hallmarks of a nation-state effort.

Williams said the spyware implant wasn’t written to transmit stolen data securely, indicating the hackers were not concerned about getting caught. That suggests an authoritarian state was behind it. He speculated that it was likely used to target political dissidents.

Sensitive data accessed by the spyware included WhatsApp, iMessage and Telegram text messages, Gmail, photos, contacts and real-time location — essentially all the databases on the victim’s phone. While the messaging applications may encrypt data in transit, it is readable at rest on iPhones.

Google researcher Ian Beer said in a blog posted late Thursday that the discovery should dispel any notion that it costs a million dollars to successfully hack an iPhone.

Just Posted

Alberta education minister critical of Calgary school board over staff cuts

CALGARY — Alberta’s education minister is ordering a financial audit and governance… Continue reading

Alberta Review Board chairwoman resigns; says she received no government support

EDMONTON — The chairwoman of the Alberta Review Board says she has… Continue reading

Alberta overhauls workplace rules for farms, small operations to be exempt

EDMONTON — Most Alberta farm operations would no longer have to follow… Continue reading

Alberta NDP seek ruling to ban UCP from voting on bill to fire election watchdog

EDMONTON — Alberta’s Opposition NDP is asking the ethics commissioner to ban… Continue reading

John Mann, singer and songwriter of group Spirit of the West dead at 57

VANCOUVER — John Mann, lead singer and songwriter for Vancouver’s beloved Celtic-inflected… Continue reading

Your community calendar

Nov. 19 The Mountview Sunnybrook Community Association will hold its AGM at… Continue reading

Alberta education minister critical of Calgary school board over staff cuts

CALGARY — Alberta’s education minister is ordering a financial audit and governance… Continue reading

Alberta Review Board chairwoman resigns; says she received no government support

EDMONTON — The chairwoman of the Alberta Review Board says she has… Continue reading

Alberta overhauls workplace rules for farms, small operations to be exempt

EDMONTON — Most Alberta farm operations would no longer have to follow… Continue reading

Alberta NDP seek ruling to ban UCP from voting on bill to fire election watchdog

EDMONTON — Alberta’s Opposition NDP is asking the ethics commissioner to ban… Continue reading

John Mann, singer and songwriter of group Spirit of the West dead at 57

VANCOUVER — John Mann, lead singer and songwriter for Vancouver’s beloved Celtic-inflected… Continue reading

Old friends Orlondo Steinauer, Mike O’Shea to square off in Grey Cup

CALGARY — Jim Barker will have a unique opportunity Sunday. Barker will… Continue reading

Most Read