Google’s threat analysis group (TAG) on Thursday released an article on spyware from RCS Labs, an Italian company targeting iPhones and Android phones in Italy and Kazakhstan. When installed, the spyware would monitor the user’s messages and contacts.
However, the exploits used by RCS Labs have been fixed by Apple, some from the iOS 12 cycle of 2018 to 2019. iPhone users who update iOS regularly do not run the risk of their iPhone exploiting RCS spyware. The B.
Google TAG listed the following exploits used by RCS Labs. We’ve listed the iOS version when Apple issued a security patch and links to Apple’s security notes. Apple also patched iPadOS, macOS, watchOS and tvOS when appropriate.
The Google article specifically states that users in Italy and Kazakhstan were identified as affected, but the extent of the attack is not addressed in the article, nor whether there was any possibility that users outside ‘these two countries have been affected.
According to Google, the attack began with a single web link sent to a user, and when the link was activated, “the page attempted to get the user to download and install a malicious application.” Google also believes that the attack would disable the phone’s data connection, and then the attacker would send an SMS telling the user that an attachment would restore the data connection. But the link was malicious and would install spyware.
How to upgrade the operating system
The Google article is a good reminder of the importance of installing operating system updates as soon as possible. Updates usually include important security patches to protect you and your device. If you’re not familiar with how to update your device, here are the steps:
- iPhone and iPad: Tap Settings> General> Software update.
- macOS: Click the Apple menu> System Preferences …> Software Update.
- watchOS: On your iPhone, open the Watch app. Then tap General> Software Update.
- tvOS: Open Settings. Then go to System> Software Updates.