My first question upon seeing the title was "What are Kaspersky iPhones?"
Answered in the first paragraph: "Kaspersky has been hit by an advanced cyberattack that used clickless exploits to infect the iPhones of several dozen employees with malware ..."
So this was iPhones belonging to Kaspersky employees - though sounds like the exploit could hit any iPhone.
Given the exploit vector looks like yet another iMessage attachment bug,
> The target iOS device receives a message via the iMessage service, with an attachment containing an exploit.
and that one of the effects of Lockdown Mode is
> Messages - Most message attachment types are blocked, other than certain images, video, and audio. Some features, such as links and link previews, are unavailable.
It might be prevented. Pretty sure disabling iMessage altogether sidesteps this class of bugs too. I've lost track of how many times iMessage has been the root cause of "unattended iOS RCE"; at this point it's almost user negligence to have left it on.
I was surprised that the article didn't mention Lockdown Mode considering the likely overlap in features. It's even possible that Lockdown Mode was developed (at least in part) to defeat these types of exploits, given the timeline.
Apple has chosen that it is more important to exploit in-group bias with bubble colors than phone security.
I joke, but I can't tell you how annoying iMessage has been. It's so bad with non-iPhones, we basically switch to email or Teams when doing group communication.
I don't think this is possible, but I too wish it were. I hate the fact that you can't copy a link from Messages without it opening a preview. That means if you've been forwarded a link with trackers, it's impossible to remove the tracking bits before opening. Not good!
When you long-press a link, there's a button at the top right corner that says "Hide preview". If you press it, previews will stop opening automatically everywhere.
Lockdown Mode was added in iOS 16. The article only mentions iOS 15.7, saying there is no information whether iOS 16 is vulnerable (with or without Lockdown Mode), unfortunately.
It's curious they say iOS 16 was released "last month" when it was released last year.
> the fact of infection was detected by Kaspersky Unified Monitoring and Analysis Platform (KUMA), a native SIEM solution for information and event management; the system detected an anomaly in our network coming from Apple devices.
Interesting. This demonstrates the big downside of iOS's security model - it's basically impossible to run useful host-based IDS, which likely would have flagged this much more quickly.
Treat all of your devices as compromised. Between the FBI breaking the terrorist's iPhone, Pegasus, etc... It might be best to have a burner smart phone that you keep off 99.99% of the time and get your secrets off it only.
Lame comment, but for what it's worth - I assume my iPhone acts like a CIA tracking device that sends all my info to the NSA, so I never put anything on there that could get me in real trouble.
But it would suck if I got a text from a Russian organized hacking criminal org that got a hold of my banking credentials.
Because Android is a far more secure platform and Google is a far more trustworthy custodian of your data?
Or are you recommending that one opt out of a good portion of society by not using a smartphone? For most people that is not really a convenient option.
Hopefully the diversity in the Android ecosystem (seems like every Android phone vendor wants to run their own variants of various bits) makes it harder to exploit all Android devices with one exploit.
Also has the downside of increasing the attack surface, but yeah. I feel like it's potatoes grown from "seed" potatoes vs. potatoes grown from actual seeds.
iOS makes this very difficult, even for security researchers. Everyone, regardless of skill level, should be able to have some basic control over the device they use.
Interesting that people in sensitive positions would use foreign-made smartphones. Surely there are Russian companies that manufacture at least low-end Android phones?
Android would still be running Google so I guess it's a risk either way. At least Apple seem to be more secure by default without any user config.
Looked this up and there is indeed a Russian company called Ayya, making smartphones with a switch to disable the microphone. It'll also be changing from Android to a domestically made OS, it seems.
https://www.indiatimes.com/technology/news/russia-ayya-t1-sm...
Doesn't need to be a Google version of Android. Since it's open source, there's plenty of non-Google forks, such as this one, focusing on privacy and security: https://grapheneos.org/
There's an entire section in the article titled: "Russia accuses Apple of colluding with the NSA". I would assume if the FSB isn't just blowing smoke, then your question is answered.
I assume the norm, or at least what they want to be the norm, is Huawei, Oppo, or Xiaomi. Regardless of what manufacturer or OS you use, it will not protect you from motivated nation states or companies like NSO.
If you are truly concerned for your life, especially in authoritarian regimes, don't carry a phone.
Same case with email too. I prefer to access email through a browser where you have a little more control over what gets loaded.
At least then it's above a clickless.