On Monday, Apple released updates on its mobile operating systems for iOS and iPados, which determined a defect that the company stated that “it may have exploited a highly sophisticated attack on specific targeted people”.
To the release notes for ios 18.3.1 and ipados 18.3.1The company reported that vulnerability allowed to disable the limited USB function “on a locked device”. Introduced in 2018, the limited USB feature is a security feature that prevents the ability of an iPhone or iPad from sending data to USB connection if the device is not unlocked for seven days. Last year, Apple has released another security feature that restarts the devices if not unlocked for 72 hours, making it more difficult to enforce the law or criminals using forensic tools to access data on these devices.
Based on its tongue used in the security update, Apple indicates that the attacks were most likely carried out with natural control of a person’s device, which means that anyone who abuses this defect had to be connected to the Apple devices of the person with a criminal device Like Cellegite or Graykey, two systems that allow law enforcement to unlock and access data stored on iPhones and other devices.
The vulnerability discovered by Bill MarczakA senior researcher at the Citizen Lab laboratory, a group of the University of Toronto who is investigating cyberspace against civil society.
Contact us
Do you have more information about this defect, or other zero days of iPhone and cyberettacks? From a non-work device, you can contact Lorenzo Franceschi-bicchierai safely on the signal on +1 917 257 1382, or via the telegraph and keybase @lorenzofb or email. You can also contact TechCrunch via securedrop.
Apple did not respond to a request for comments from the press time.
Marczak told TechCrunch that he could not comment on the file at this point.
It is not clear at the moment who was responsible for the abuse of this defect and against which it was used. However, there have been documented cases in the past, where law enforcement services have used forensic tools, which are usually abusing zero -day defects on devices such as iPhone, to unlock devices and access the data.
In December 2024, Amnesty International published a report that documented a series of attacks by the Serbian authorities where they used Cellebrite to unlock the phones of activists and journalists in the country and then install malware.
Security researchers said Cellebrite forensic devices were probably used “widely” in people in civil society, according to Amnesty.
