Six Democrats sent a letter to the Director of National Intelligence seeking clarity on whether using a commercial VPN could strip citizens of their privacy rights by exposing them to foreign surveillance laws.
Apple says it has no record of a successful spyware attack against any device running Lockdown Mode, the opt-in security feature it introduced in 2022.
"We are not aware of any successful mercenary spyware attacks against a Lockdown Mode-enabled Apple device," an Apple spokesperson told TechCrunch.
Lockdown Mode is available on the iPhone, iPad, and Mac, and dramatically restricts certain system features that are commonly exploited by mercenary spyware. When enabled, it blocks most message attachment types, disables certain complex web technologies, and prevents devices from automatically joining non-secure Wi-Fi networks, among other restrictions. Apple designed the feature specifically to protect high-risk users such as journalists, activists, lawyers, and others who may be personally targeted by sophisticated nation-state-level attacks.
Donncha Γ Cearbhaill, head of the security lab at Amnesty International, said he and his colleagues "have not seen any evidence of an iPhone being successfully compromised by mercenary spyware where Lockdown Mode was enabled at the time of the attack." Digital rights organizations including Amnesty International and the University of Toronto's Citizen Lab have documented numerous successful spyware attacks on iPhone users over the years, but none have involved a bypass of Lockdown Mode.
Citizen Lab researchers have confirmed at least two cases where Lockdown Mode actively blocked spyware attacks, with one involving NSO Group's Pegasus and another involving Predator spyware, made by a company now part of Intellexa. Google researchers found that spyware was coded to abort its infection attempt if it detected Lockdown Mode was active, apparently to avoid leaving traces that could expose the attack.
Patrick Wardle, an Apple cybersecurity expert, told TechCrunch, "I think it's safe to say, Lockdown Mode is one of the most aggressive consumer-facing hardening features ever shipped."
Apple has begun pushing Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS, warning users of active web-based attacks.
The alerts, which appear as a "Critical Software" notification from the Settings app, warn that Apple "is aware of attacks targeting out-of-date iOS software, including the version on your iPhone," and urge users to install a critical update to protect their device. The notifications are being seen on devices running a range of older iOS versions, including iOS 17.0, far beyond the iOS 13 and iOS 14 devices that Apple specifically flagged in its support documentation.
In the documentation, Apple highlighted recent reports about hacking tools that are effective against older versions of iOS. Hackers are using iOS exploit kits known as "Coruna" and "DarkSword," which can take advantage of vulnerabilities in iOS 13 through to iOS 17.2.1. Clicking a malicious link or visiting a compromised website on an unpatched device could result in data being stolen.
"If your iPhone doesn't have the latest software, update iOS to protect your data," Apple says. Users can update by going to Settings, General, and Software Update.
Apple released iOS 15.8.7 and iOS 16.7.15, along with corresponding iPadOS versions, on March 11 to address security vulnerabilities associated with the Coruna exploit kit. Devices running the latest updated versions of iOS 15 through iOS 26 are already protected, while devices on iOS 13 or iOS 14 must update to iOS 15 to receive these protections.
Apple has patched the vulnerabilities as they have come to light over the last several months, so users who have already upgraded to the newest version of iOS available for their iPhone are protected from the malicious websites and links that are circulating right now. Apple Safe Browsing in Safari is enabled by default and blocks the malicious URL domains identified in the attacks.
Users who are unable to update should consider enabling Lockdown Mode, if available, to protect against malicious web content. Lockdown Mode is available on iOS 16 and later.
Login
Latest from TechRadar in News
MacRumors: Mac News and Rumors - All Stories
