4-year campaign backdoored iPhones using possibly the most advanced exploit ever

[…] the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.

Other questions remain unanswered, wrote Larin, even after about 12 months of intensive investigation. Besides how the attackers learned of the hardware feature, the researchers still don’t know what, precisely, its purpose is.


Was the user aware of the text message PDF attachment? Are they presented with gibberish at all or is it completely silent?

Guess they were right.

Guess it was only a matter of time until someone with no proof at all alleges that it was an intentional backdoor.


My conspiratorial side actually went the route that the chip supplier placed it without Apple’s knowledge/consent. Obviously nothing to support that, but [if it was intentional] I think it’s more likely than Apple signing off on it.

Wow, people are so quick to jump to conspiracy theories. Special undocumented functions are very common in complex chips, being there to test the chip. I would go so far as to say any complex chip will have special registers/special pins which are used for testing. Testing can be a significant portion of a chip’s cost, so anything which can reduce testing time is highly desirable from the chip maker’s point of view. The article even mentioned that they believed the special registers were there for testing.


Before jumping into conspiracy theories of those registries being there and vulnerable on purpose, remember Hanlon’s razor:

Never attribute to malice that which is adequately explained by stupidity.