Here we go again: another example of government surveillance involving smartphones from Apple and Google has emerged, and it shows how sophisticated government-backed attacks can become and why there’s justification for keeping mobile platforms utterly locked down.
What has happened?
I don’t intend to focus too much on the news, but in brief it is as follows:
- Google’s Threat Analysis Group has published information revealing the hack.
- Italian surveillance firm RCS Labs created the attack.
- The attack has been used in Italy and Kazakhstan, and possibly elsewhere.
- Some generations of the attack are wielded with help from ISPs.
- On iOS, attackers abused Apple’s enterprise certification tools that enable in-house app deployment.
- Around nine different attacks were used.
The attack works like this: The target is sent a unique link that aims to trick them into downloading and installing a malicious app. In some cases, the spooks worked with an ISP to disable data connectivity to trick targets into downloading the app to recover that connection.
