Google’s Threat Analysis Group (TAG) on Thursday published an article about spyware from RCS Labs, an Italian company that targeted iPhones and Android phones in Italy and Kazakhstan. When installed, the spyware would monitor the user’s messages and contacts.
However, the exploits used by RCS Labs have been fixed by Apple—some as far back as iOS 12’s cycle from 2018 to 2019. iPhone users who regularly update iOS are not in danger of having their iPhone exploited by RCS Lab’s spyware.
Google TAG listed the following exploits used by RCS Labs. We’ve listed the iOS version when Apple issued a security patch and the links to Apple’s security notes. Apple also patched iPadOS, macOS, watchOS, and tvOS when applicable.
Google’s article specifically states that users in Italy and Kazakhstan were identified as affected, but how widespread the attack was is not covered in the article, nor if there was any possibility that users outside those two countries could have been affected.
According to Google, the attack started with a unique web link sent to a user, and when the link was activated, “the page attempted to get the user to download and install a malicious application.” Google also believes that the attack would disable the phone data connection, and the attacker would then send an SMS that told the user that an attached link would restore the data connection. But the link was malicious and would install the spyware.
How to update the operating system
Google’s article is a good reminder of the importance of installing OS updates as soon as it’s feasible. Updates usually include important security patches to protect you and your device. If you’re not familiar with how to update your device, here are the steps:
- iPhone and iPad: Tap Settings > General > Software Update.
- macOS: Click the Apple menu > System Preferences… > Software Update.
- watchOS: On your iPhone, open the Watch app. Then tap General > Software Update.
- tvOS: Open Settings. Then go to System > Software Updates.