Bogus Mobile Device Management system used to hack iPhones in India

  • 13 July 2018
  • 1 reply
  • 2 views

Userlevel 7
Badge +54

Baker's dozen pwned by tricksy attack

 By John Leyden 13 Jul 2018  Business iPhone users in India have been targeted in a sophisticated and attack run through bogus Mobile Device Management (MDM) servers.
 
Using either physical access or - more likely - social engineering trickery, certificates from a selection of two sketchy MDM servers were installed on targeted iPhones. This gave the hacker-controlled MDMs admin rights that were abused to load bogus versions of WhatsApp, Telegram and other apps, security researchers said.
 
Full Article.

1 reply

Userlevel 5
Badge +11
The iPhone and many of the apps designed to live on the device have the ability to track our location. Whenever they set up these apps, however, users get the option to opt in or out of location tracking services. But what happens when a malicious campaign doesn’t give users the option to opt of having their location tracked by cybercriminals? In fact, just this week, it has been discovered that iPhone users may be faced with that very possibility, as a sophisticated mobile malware campaign is gaining access to devices by tricking users into downloading an open-source mobile device management (MDM) software package.
 
Link to full article

Reply