Everything you need to know about the Trident iPhone exploit

A new zero-day exploit is doing some pretty nasty things to iPhones

Last night the story broke that a piece of commercially-produced malware had been discovered which would allow someone to remotely take over an iPhone. The malware, dubbed Trident, used three previously undiscovered vulnerabilities in iOS to gain access to the phone and install sophisticated spyware.

What does the iPhone Trident exploit do?

It allows malicious users to remotely jailbreak a phone and install software on it that's hidden from the phone's owner. The malware is triggered by someone visiting a web page - the phone's user doesn't need to agree to download anything. The spyware package allowed its masters to use the phone's camera and microphone to record anything at any time, as well as monitoring chat software such as WhatsApp.

How was the Trident malware discovered?

The malware appears to have been specifically targeted at Ahmed Mansour, a human rights activist in the UAE. Mansour received text messages on his phone which claimed to link to details of human rights abuses. However, he became suspicious of the messages, and passed details on to Citizen Lab, who dissected the malware and linked it to an Israeli company which makes spyware for use by governments.

Who made the Trident malware?

Can the Trident malware affect me?

In theory, yes. In practice, this kind of targeted malware attack is almost always designed to focus on specific users by the government responsible. They also tend to want to keep the malware they use close to their chests because it's a costly piece of software which (ironically) they don't want to get into "the wrong" hands.

It's already been patched

If you're on iOS 9, hit software update and download iOS 9.3.5. This patches the exploits used by the NSO malware, as well as throwing in a few other security fixes into the mix.

Isn't this all pretty shady?

Yes it is. Add together shadowy companies making malware and governments targeting human rights activists for surveillance by hacking and you have something that sounds like it's out of a pacy cyberwar novel. Sadly, it looks like it's not fiction.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/security/malware/355093/evasive-malware-threats-are-surging
malware

Evasive malware threats doubled in 2019

24 Mar 2020
Visit/security/malware/28083/the-five-best-free-malware-removal-tools
Security

Best free malware removal tools 2019

2 Mar 2020
Visit/mobile/23617/the-best-smartphones-to-buy
Mobile

Best smartphone 2019: Apple, Samsung and OnePlus duke it out

24 Dec 2019
Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

3 Sep 2019

Most Popular

Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/mobile/mobile-phones/355088/apple-lifts-iphone-purchase-restrictions
Mobile Phones

Apple lifts iPhone purchase restrictions

23 Mar 2020