A Spyware Vendor Seemingly Made a Fake WhatsApp to Hack Targets
Hackers tried to trick iPhone users into installing a fake version of WhatsApp in a potential attempt to gather information about them. Technical analyses by both researchers from digital rights watchdog Citizen Lab and Motherboard suggest that this fake version of WhatsApp is linked to a specific Italian surveillance company.
The news highlights a sometimes overlooked attack on iPhones: tricking users into installing configuration files or so-called Mobile Device Management (MDM) profiles, which can then potentially push malware onto a target device. As the price of exploits for breaking into iPhones has steadily climbed, other government malware vendors have moved to leveraging MDM profiles to hack phones.