Quote:A sophisticated mobile malware campaign is gaining access to iPhones by tricking users to download an open-source mobile device management (MDM) software package.


Once in control, the unidentified hackers can steal various forms of sensitive information from infected devices, including the phone number, serial number, location, contact details, user's photos, SMS, and Telegram and WhatsApp chat messages.

Thirteen users -- all in India -- have been been compromised in the attacks, which have been detailed by Cisco Talos. Those infected use a range of iPhone models and are running iOS versions ranging from 10.2.1 to 11.2.6. The campaign has been active since August 2015.

The attackers take control by using the MDM package, which can give attackers complete control of the device and the ability to install fake versions of real apps.