Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
On Monday, Apple released updates of the mobile operating systems of iOS and iPados, which identified a defect that the company said, “Maybe it was used in a very sophisticated attack against specific targeted individuals.”
In version notes to iOS 18.3.1 and iPados 18.3.1The company said that the weakness allowed to disable the restriction of USB “on a closed device.” foot In 2018Restricted USB mode is a safety feature that prevents iPhone or iPad to send data via a USB connection if the device is not opened for seven days. Last year, Apple released another safety feature The devices are restarted if they are not opened for 72 hours, which makes it more difficult to apply the law or criminals who use forensic tools to access data on these devices.
Based on its language used in its security update, Apple’s Apple Times until the attacks were probably carried out by physical control in the person, which means that whoever misuses this defect to connect to the Apple devices with the forensic device such as the forensic system such as Cellbrite or GraykeyTwo two systems allowing law enforcement to cancel the data stored on iPhone and other devices and access them.
Weakness Discover it Bill MarxakA senior researcher at the Citizen Lab Laboratory, the University of Toronto, which is investigating electronic attacks against civil society.
Contact us
Do you have more information about this defect, or other days of iPhone Zero Adays and Cybertacks? From a non-action device, you can connect to Lorenzo Franceschi-bicchierai safe Email. You can also call the techcrunch via Securedrop.
Apple did not respond to a request for comment by the time of the press.
Markzk told Techcrunch that he could not comment on the record at this stage.
It is not clear at the present time that was responsible for the misuse of this defect, and against it was used. But there were documented cases in the past where law enforcement agencies used forensic tools, which are usually treated Disadvantages of zero day In devices like iPhone, to unlock devices and access data inside.
In December 2024, Amnesty International issued a report documenting a series of attacks by the Serbian authorities They used Cellebrite to open the phones of activists and journalists in the countryThen install harmful programs on them.
Security researchers said that the forensic medicine was more likely to be “widely” for individuals in civil society, according to amnesty.
