If you thought hackers were relentless in their efforts to try to break into iPhones and Android devices while trying to get into iCloud and Apple ID accounts, you weren’t wrong.
Per 9to5Mac and TechCrunch, three cybersecurity research companies collaborated to produce complementary reports detailing a years-long hack-for-hire campaign targeting journalists, activists, and officials across the Middle East and North Africa.
The findings shared by Access Now, Lookout, and SMEX show that the attacks targeted civilians and government officials in several countries, most of them in the region, in addition to “the United Kingdom, and potentially the United States or alumni of American universities.”
The report also indicated that attackers are using less sophisticated yet Apple-focused attacks. The attackers themselves made efforts “to trick targets into giving up their Apple ID credentials in order to then hack into their iCloud backups, which effectively would have given them access to the full content of the targets’ iPhones.“
The ones specific to Apple included:
- facetime-web[.]me-en[.]io
- apple[.]id-us[.]cc
- icloud[.]com-ar[.]me
- icloud[.]com-service[.]info
- signin-apple[.]com-en-uk[.]info
The reports indicated that the campaign went beyond Apple credentials and targeted users and services from companies such as Google, Microsoft, Signal, WhatsApp, and Yahoo, with different hacking and phishing techniques.
In short, don’t give up your Apple ID or iCloud information to a random stranger who asks for it, and be careful out there.
Via 9to5Mac, TechCrunch, Access Now, Lookout, and SMEX
Leave a Reply