
iCloud backups targeted in hack-for-hire operation using fake Apple pages

A new investigation shows that hackers are still relying on old tricks to break into iPhones and Android devices. Here are the details.

‘A growing trend of government agencies outsourcing their hacking operations’

As spotted by TechCrunch, three cybersecurity research companies collaborated to produce complementary reports detailing a years-long hack-for-hire campaign targeting journalists, activists, and officials across the Middle East and North Africa.

According to findings shared by Access Now, Lookout, and SMEX, the attacks targeted civilians and government officials in several countries, most of them in the region, in addition to “the United Kingdom, and potentially the United States or alumni of American universities,” per TechCrunch.

Access Now investigated three attack events that took place between 2023 and 2025, while Lookout linked them to the hack-for-hire group BITTER APT, “an offshoot of the Indian hack-for-hire startup Appin”.

Unlike the Coruna and DarkSword exploit attacks, which recently drew attention for their intricate chaining of known vulnerabilities to compromise outdated iPhones and iPads, this campaign relied on far less sophisticated tactics, including phishing:

“In the attacks part of this campaign, the hackers used several different techniques. When targeting iPhone users, the hackers tried to trick targets into giving up their Apple ID credentials in order to then hack into their iCloud backups, which effectively would have given them access to the full content of the targets’ iPhones.”

Lookout’s report includes nearly 1,500 different web addresses designed to impersonate legitimate services, but used to host phishing pages and other malicious infrastructure.

The ones specific to Apple included:

  • facetime-web[.]me-en[.]io
  • apple[.]id-us[.]cc
  • icloud[.]com-ar[.]me
  • icloud[.]com-service[.]info
  • signin-apple[.]com-en-uk[.]info
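
The five hostnames above share a pattern a defender can check for in mail or proxy logs: an Apple brand word sits in a subdomain label while the registered domain belongs to someone else, and three of them use a label beginning with `com-` so the name reads like `icloud.com`. The following Python is an added example, not code from Lookout, Access Now, SMEX, or the article; the allowlist, the token set, the control hostnames, and all function names are assumptions made for illustration.

```python
import re

# Assumptions for illustration: genuine Apple domains and brand words to watch.
LEGIT_DOMAINS = {"apple.com", "icloud.com"}
BRAND_TOKENS = {"apple", "appleid", "icloud", "facetime"}
# Labels such as "com-ar" make "icloud.com-ar.me" read like "icloud.com".
FAKE_TLD_LABEL = re.compile(r"^(com|net|org)-[a-z0-9-]+$")


def refang(raw):
    """Turn a defanged indicator (apple[.]id-us[.]cc) into a plain hostname."""
    return raw.strip().lower().replace("[.]", ".").rstrip(".")


def is_legit(host):
    """True only if the host is an allowlisted domain or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in LEGIT_DOMAINS)


def has_fake_tld_label(host):
    """True if a non-final label imitates a TLD followed by a hyphen."""
    return any(FAKE_TLD_LABEL.match(label) for label in host.split(".")[:-1])


def classify(raw):
    """Return 'legitimate', 'impersonation' or 'unrelated' for one hostname."""
    host = refang(raw)
    if is_legit(host):
        return "legitimate"
    # Split labels on hyphens so "signin-apple" yields the token "apple",
    # while "pineapple" yields no brand token at all.
    tokens = {t for label in host.split(".") for t in label.split("-")}
    return "impersonation" if tokens & BRAND_TOKENS else "unrelated"


# The five hostnames quoted in the article, then constructed controls.
SAMPLES = [
    "facetime-web[.]me-en[.]io", "apple[.]id-us[.]cc", "icloud[.]com-ar[.]me",
    "icloud[.]com-service[.]info", "signin-apple[.]com-en-uk[.]info",
    "appleid.apple.com", "www.icloud.com", "pineapple.example",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        host = refang(sample)
        print(f"{sample:36} {classify(sample):14} fake_tld={has_fake_tld_label(host)}")
```

Matching on whole hyphen-separated tokens rather than substrings keeps unrelated names such as `pineapple.example` from being flagged; a production check would also consult the Public Suffix List and cover the other impersonated brands.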

As noted in the reports, the campaign went far beyond Apple, also targeting users and services from companies such as Google, Microsoft, Signal, WhatsApp, and Yahoo, with different hacking and phishing techniques.

TechCrunch added that this campaign marks a “growing trend of government agencies outsourcing their hacking operations to private hack-for-hire companies”:

These groups and their customers get “plausible deniability since they run all the operations and infrastructure.” And for their customers, these hack-for-hire groups are likely cheaper than purchasing commercial spyware, said [Justin Albrecht, principal researcher at Lookout].

You can find TechCrunch’s report here.

Author

Marcus Mendes

Marcus Mendes is a Brazilian tech podcaster and journalist who has been closely following Apple since the mid-2000s.

He began covering Apple news in Brazilian media in 2012 and later broadened his focus to the wider tech industry, hosting a daily podcast for seven years.