According to TechCrunch Apple released a pandemic-style security fix for its iPhones along with iPads because a severe data security flaw prompts unauthorized device data access.
The data vulnerability works as a sophisticated tool to attack specific persons because it enables attackers to disable USB Restricted Mode on locked devices which lets them access phone information even when the phone is locked.
Apple brought USB Restricted Mode to the market during 2018 as a security measure which restricts USB data transfer capabilities on unattended phones for seven days after unlocking. A recent Apple update triggered a phone reboot after 72 hours of inactivity when the device remains unlocked which obstructs criminals and police from accessing data stored on those devices through digital forensic examination.
The recent security update from Apple demonstrates such attacks occurred only through direct access to physical devices and requires minimum three components to successfully exploit this vulnerability including device ownership and computer with a USB connection along with crime investigation software like Cellebrite or Graykey.
Bill Marczak found this security flaw as he serves as a senior research scientist at the Citizen Lab based at the University of Toronto where they study cyber-attacks against civil organizations.
The person or entity responsible for this vulnerability remains unidentified alongside their targeted subjects because law enforcement bodies utilized similar digital forensic tools in previous cases to access device data through unknown iPhone vulnerabilities.
TechCrunch reported that last December Serbian authorities attacked activists and journalists with devices from Israeli company Cellebrite which allowed them to break into mobile phones and infect the devices with malware.
Security researchers have confirmed to Amnesty their belief that Cellebrite digital forensics systems have been extensively used against civil society members.
