Sophisticated, persistent mobile attack against high-value targets on iOS
by Volker Weber
From the Lookout blog:
Lookout’s analysis determined that the malware exploits three zero-day vulnerabilities, or Trident, in Apple iOS:
- CVE-2016-4655: Information leak in Kernel – A kernel base mapping vulnerability that leaks information to the attacker allowing him to calculate the kernel’s location in memory.
- CVE-2016-4656: Kernel Memory corruption leads to Jailbreak – 32 and 64 bit iOS kernel-level vulnerabilities that allow the attacker to silently jailbreak the device and install surveillance software.
- CVE-2016-4657: Memory Corruption in WebKit – A vulnerability in the Safari WebKit that allows the attacker to compromise the device when the user clicks on a link.
Without a jailbreak, the surveillance software cannot be installed. That is why Apple regards a jailbreak as the number one security threat, as does BlackBerry on its Android devices.
If you apply a jailbreak yourself (or root access in the case of Android), you do part of the attacker's work for them: they then need only the third attack vector. You have already let down your guard.