Security flaws are unfortunately the order of the day and can affect many services. For example iMessage has been the last one of which a vulnerability has been known that affected 37 journalists. This has ended up causing these professionals to have been spied on by the government, violating freedom of expression.
Governments spy on journalists through iMessage
The failure that was present in iMessage went unnoticed by everyone, since it was practically a year without patching. Specifically, it began to occur on computers that had iOS 13.5.1 installed but it is possible that it was also transferred to other higher versions. Everything indicates that this attack was orchestrated by the United Arab Emirates against national media. It is known by all that these types of countries do not shine for their democracy as we have previously commented. All this was carried out through software developed by the Israeli company NSO Group.
The highlight of all is that this exploit is zero-day, so users were unaware of what was happening on their iPhones. This exploit could simply be started at the moment of receiving a text message that at first could be something totally harmless. That is why the infected iPhone began to upload large amounts of information such as phone calls, photo gallery, passwords or location to the network. All of this could be used to keep journalists or executives from large chains under control at all times. Because it was a fairly subtle attack it is partly logical that it could not be patched until months later.
As of iOS 14 it seems that it is no longer possible to run this exploit in the iMessage application. From the Cupertino company the only thing they wanted to make clear is that the latest version of the operating system must always be installed. In this way you can take advantage of all the security patches that are being included and that for the user can go unnoticed.
No service escapes security flaws
It is clear that when you have a mobile device in your hands, you can suffer an attack by a hacker. We see that practically no service is delivered. Although iMessage is owned by Apple and works closely with iOS code, it does not mean that it is totally immune to attacks. The Apple operating system, as we have seen over the last few months, also has some security holes that can be exploited to steal sensitive information. And it all really starts with something that is harmless at first, such as a simple SMS, as has happened in this case.
You should always keep in mind that you should never open any type of file that is from an unknown source or links to websites that have not been verified. Despite being on an Apple operating system, this is not exempt from all the consequences that a cyberattack can have.