The “all antifa” is a bit (at least in the quote tweet) because “antifa, politicians, and journalists” were targeted by the Pegasus malware, which could hack a phone without any input from the user and without showing any signs of tampering. I think it sent a malicious text that you couldn’t see and then that was game over, you’re owned.
The update is supposed to fix the vulnerability Pegasus was exploiting, so it is very important to install if you have an iPhone.
I really feel like these text message attacks are implemented on purpose holy cow. There have been at least 4 of these attacks on iOS over the years. How hard could it be to make sure there isn't a buffer overflow or something in their text message code?!
Messaging apps these days are a huge vector for attacks since they have these massive, sprawling featuresets and are often integrated deeply into the OS. You've got rich text, URL previews, audio, video, automatic message parsing for replies/calendar events/reminders/2FA codes/etc, emoji, stickers, GIFs from external services, the list goes on. Most of the time there's some level of separation for third party apps like facebook messenger and discord, but the built-in apps are much closer to the OS and often have expanded privileges.
Is this legitimate or a bit?
The “all antifa” is a bit (at least in the quote tweet) because “antifa, politicians, and journalists” were targeted by the Pegasus malware, which could hack a phone without any input from the user and without showing any signs of tampering. I think it sent a malicious text that you couldn’t see and then that was game over, you’re owned.
The update is supposed to fix the vulnerability Pegasus was exploiting, so it is very important to install if you have an iPhone.
I really feel like these text message attacks are implemented on purpose holy cow. There have been at least 4 of these attacks on iOS over the years. How hard could it be to make sure there isn't a buffer overflow or something in their text message code?!
Messaging apps these days are a huge vector for attacks since they have these massive, sprawling featuresets and are often integrated deeply into the OS. You've got rich text, URL previews, audio, video, automatic message parsing for replies/calendar events/reminders/2FA codes/etc, emoji, stickers, GIFs from external services, the list goes on. Most of the time there's some level of separation for third party apps like facebook messenger and discord, but the built-in apps are much closer to the OS and often have expanded privileges.