On Monday, Apple released updates of the mobile operating systems of iOS and iPados, which identified a defect that the company said, “Maybe it was used in a very sophisticated attack against specific targeted individuals.”
In version notes to iOS 18.3.1 and iPados 18.3.1The company said that the weakness allowed to disable the restriction of USB “on a closed device.” It was presented in 2018, a restricted Mode USB is a safety feature that prevents iPhone or iPad to send data via a USB connection if the device is not opened for seven days. Last year, Apple released another safety feature that restart devices if it is not opened for 72 hours, which makes it more difficult to apply the law or criminals who use forensic tools to access data on these devices.
Based on its language used in its security update, Apple hints until the attacks were probably carried out by physical control in the person, which means that who was misuse of this defect had to connect to a person’s Apple devices with the forensic system such as Cellebrite or GrayKey,, Two laws to enforce the law to cancel the data stored on and access to iPhone and other devices.
Weakness Discover it Bill MarxakA senior researcher at the Citizen Lab Laboratory, the University of Toronto, which is investigating electronic attacks against civil society.
Contact us
Do you have more information about this defect, or other days of iPhone Zero Adays and Cybertacks? From a non-action device, you can call Lorenzo Franceschi-bicchierai safely to indicate +1 917 257 1382, or via Telegram and Keybasarezofb, or email. You can also contact Techcrunch via Securedrop.
Apple did not respond to a request for comment by the time of the press.
Markzk told Techcrunch that he could not comment on the record at this stage.
It is not clear at this stage who was responsible for the misuse of this defect, and against it was used. But there were documented cases in the past where law enforcement agencies used forensic tools, which usually offend the so -called zero defects per day in devices such as iPhone, to cancel devices insurance and access data at home.
In December 2024, Amnesty International issued a report documenting a series of attacks by the Serbian authorities as they used Celbrite to open the phones of activists and journalists in the country, then install harmful programs on them.
Security researchers said that the forensic medicine was more likely to be “widely” for individuals in civil society, according to amnesty.
