Apple Warns of “Extremely Sophisticated Attack”

Since Apple is usually very mild in its reports, to call this an extremely sophisticated attack that may be targeting iThings is pretty unusual.

The bug is in something called USB restricted mode which disables the USB port on phones and tablets after they have been locked for an hour. The idea is to stop hackers (and the cops) from using the port as a way to compromise the device’s security.

Apple is still being a bit cagey about the warning. Here is exactly what they are saying:

A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals

The bug is fixed in iOS 18.3.1, iPadOS 18.3.1 and iPadOS 17.7.5.

Usually it takes some commercial hacking software to compromise iThings. One example that is pretty notorious is Cellebrite. The Israeli company is well known for selling hacking tools, mostly to folks whose checks clear but in theory to law enforcement.

The feds used Cellebrite’s software to crack the phone of the guy who was accused of attempting to kill the president when he was a candidate. It took them 40 minutes. We don’t have the data on that; for all we know his password was 1-2-3-4 or they just put his finger on the phone.

One good bit of news here is that since this is a USB port attack, we think it takes physical access to compromise it.

Still, given Apple’s unusual warning, something big is happening and they are not really saying what. That is typical Apple.

Taking a conservative approach – time to patch again.

Credit: The Register

by