Google’s Threat Analysis Group (TAG) on Thursday released an article about spyware from RCS Labs, an Italian company targeting iPhones and Android phones in Italy and Kazakhstan. Once installed, Spyware will monitor user messages and contacts.
However, the exploits used by RCS labs have been fixed by Apple, somewhat similar to the cycle of iOS 12 from 2018 to 2019. IPhone users who regularly update iOS are not at risk of being exploited by iPhone RCS Lab spyware.
Google TAG lists the following exploits used by RCS Labs: We listed the iOS version when Apple released a security patch and a link to Apple’s security note. Apple patches iPadOS, macOS, watchOS and tvOS when applicable.
Google’s article specifically states that users in Italy and Kazakhstan were identified as affected, but did not cover how widespread the attack was, or whether there was a possibility that users outside the two countries might be affected.
According to Google, the attack started with a unique web link sent to a user and when the link was activated, “the page tried to get the user to download and install a malicious application.” Google further believes that the attack will disable the phone data connection and the attacker will then send an SMS telling the user that a connected link will restore the data connection. But the link was malicious and will install spyware.
How to update the operating system
Google’s article is a good reminder of the importance of installing OS updates as soon as possible. Updates usually include important security patches to keep you and your device safe. If you’re not familiar with how to update your device, here are the steps:
- iPhone and iPad: Tap Settings > General > Software updates.
- Mac operating system: Click the Apple menu> System Preferences … > Software updates.
- watchOS: On your iPhone, open the Watch app. Then tap General > Software updates.
- TVOS: Open Settings. Then go Method > Software update.