Category: Apple Insider

The exploit was discovered on an iPhone owned by an individual employed by a Washington DC-based civil society organization. The exploit was used to deliver NSO Group’s Pegasus mercenary spyware.

Toronto’s Citizen Lab states that the exploit involves PassKit containing “malicious images sent from an attacker iMessage account to the victim.”

Citizen Lab disclosed their findings to Apple, who promptly issued CVE-2023-41064 and CVE-2023-41061 related to the exploit chain. The iOS 16.6.1 patch fixes the security gap, and Thursday’s report from Citizen Lab confirms that.

Both Citizen Lab and AppleInsider recommend that iPhone owners update their devices as soon as feasible. Users can download the security fix by opening the Settings app, tapping Software Update, and installing iOS 16.6.1 from the menu.

The security researchers will publish a more detailed discussion of the exploit chain in the future.

Google search can turn up malicious ads

The malware payload known as Atomic macOS Stealer (AMOS) first appeared in April being sold on Telegram for $1,000 per month. Once installed, it collects the user’s system password via aggressive pop-ups and then siphons off sensitive data like passwords, crypto, and files.

According to a report from researchers at Malwarebytes, AMOS is being delivered via a Google ad scheme to unsuspecting searchers. The ads are legitimate and paid for but disguise themselves as the website or software the user is searching for.

This attack relies on users’ trust in Google when clicking on ad search results. It appears at the top of the page and has Google’s ad stamp of approval, so users click through without inspecting for suspicious URLs or domain owners.

Once the user clicks the link, they are presented with a normal-looking page. The attackers create a near-perfect clone of the website users expect, so they click through and download the software.

AMOS doesn’t need to go through the normal installation process through Gatekeeper since it is an ad-hoc signed app. Users are directed to right-click and open the software from the mounted .dmg file.

After the file is opened, a fake prompt for the system password keeps popping up until the user relents and enters their password. It then harvests what data it can from the user’s Keychain, file system, and crypto wallets and sends it to the malware operator.

A disguised malware delivery page. Source: Malwarebytes

Google isn’t a foolproof tool. It delivers information based on the user’s account data and keywords, and malicious ads aren’t always going to get caught on review.

The number one security rule of the internet is paying attention to the URL. In the example given by Malwarebytes, the URL is trabingviews.com.

Users should exercise caution whenever they choose to download software from the web. The Mac App Store is the safest route for Mac users, but that won’t always be an option.

Pay attention to Google’s results, the URL you’re directed to, and the software installer itself. Be wary of how the software asks to be installed. Most software shouldn’t ask the user to bypass Gatekeeper.

A potential red-flag is software that demands the user open the app in place, on the installer image. As a general rule, it should ask the user to drag the installed app to the Finder.

Also, be wary of random requests for the system password, especially right after installing new software. Inspect the dialog for design irregularities or typos.

Apple’s iMessage

The EU’s Digital Markets Act was first proposed in October 2020, but it didn’t get official approval until July 2022. The new law became applicable in April 2023, designates gatekeepers on September 6, then goes into effect in March 2024.

A report from Financial Times sourced from two anonymous individuals says Apple and Microsoft are arguing their “flagship services” are not popular enough to fall under the EU’s definition of gatekeeper services. Apple is specifically arguing iMessage should not be labeled a gatekeeper service.

The EU is expected to reveal which services fall under its gatekeeper banner in the first week of September. The DMA is meant to throttle perceived monopolistic powers of large tech firms, like Apple, Microsoft, and Google.

If Apple’s iMessage does fall under the DMA ruleset, it means Apple will be required to open iMessage to third-party operators. However, how Apple might do that remains to be seen.

To meet the requirements of a gatekeeper service, the EU says it must have at least 45 million monthly active users. The company must also exceed 7.5 billion euros annually or have a market cap that surpasses 75 billion euros.

Apple has confirmed that there are over 1 billion active iPhones in the world. However, the company does not go into detail regarding regions, so it’s unknown if iMessage reaches the 45 million monthly active users in the region.

Apple does meet the monetary requirements. There is some chance the iMessage user base is below the 45 million mark in the EU if only because other chat services dominate the region.

Apple allegedly arguing iMessage does not meet the requirements is a change from July. The company, along with Microsoft and others, confirmed the EU’s new gatekeeper law applied to them in a blanket statement, but didn’t carve out specific services like iMessage before.

Despite Apple’s apparent change of heart, the first list of gatekeeper services should be published in September. If iMessage does avoid the list, it does not mean it won’t be added in the future.

The App Store is likely to also be included in the EU’s gatekeeper services list. Apple has allegedly been working on App Store alternatives for iPhones since 2022.

The MLS Season Pass has been a success for Apple TV+, in part thanks to events such as Lionel Messi’s joining of Inter Miami. However, a new promotion may help boost numbers even more.

First reported by TechCrunch, the MLS Season Pass subscription usually costs $99 per season, or $79 per season for Apple TV+ subscribers. Now, long past the halfway point of the February 25 to October 21 season, fans who were tempted to pick up the Season Pass but were put off by the cost can do so at a much cheaper cost.

Sports fans can now pay $29 for access to the Season Pass for the rest of the 2023 season, or for Apple TV+ subscribers, that price goes down to $25. This is a considerable saving compared to the per-month charges, which are $14.99 per month or $12.50 per month for Apple TV+ subscribers.

Under the season pass, subscribers gain access to live coverage of matches, as well as the post-season play-offs, set to run from October 25 through to December 9. There is also a selection of other video content available, including match replays, original programming, and studio programs.

Once bought, the MLS Season Pass can be viewed wherever the Apple TV app is accessible, including the Apple TV set-top boxes, iPhone and iPad, Mac, and selected smart TVs.

Apps by Apple

Updated on Saturday, the new Apps by Apple page explains users can “connect, create, and get things done with powerful and intuitive apps designed to be accessible, private, and secure.”

The headline carousel has slides promoting Messages, Safari, Final Cut Pro for iPad, and Logic Pro for iPad. Each listing, along with a small paragraph explaining what the user can get out of using the app, is accompanied by a link for users to find out more.

Further down the page are smaller carousels, organized by Communication, Creativity, Productivity, Exploration, Entertainment & Home, Health & Fitness, and Features. The default All view will show all apps on each carousel, but users can also elect to view apps for the Mac, iPad, iPhone, Apple Watch, or Apple TV, with the lists adjusting to match.

At the bottom, Apple has a large grid of non-interactive app icons, showing all of the smaller feature-like apps its operating systems also provide.

Toward the bottom of the page, Apple reiterates its commitment to privacy and accessibility, and a final part that takes users to the App Store.

The timing of the page’s introduction is curious, as Apple is thought to be bracing itself for the European Union to force the company to allow third-party App Stores to exist on its devices in 2024. It also occurs ahead of the expected fall release of iOS 17 and its other milestone operating systems.

Apple’s abandoned child protection feature

Heat Initiative said it would launch the campaign against Apple after pressing the tech giant on why it had abandoned plans for on-device and iCloud Child Sexual Abuse Material (CSAM) detection tools. The launch comes after Apple giving its most detailed response yet as to why it backed off its plans, citing that it would uphold user privacy.

In response to Apple, Heat Initiative has officially launched its campaign website. The advocacy group issues a statement on the front page that reads, “Child sexual abuse is stored on iCloud. Apple allows it.”

“Apple’s landmark announcement to detect child sexual abuse images and videos in 2021 was silently rolled back, impacting the lives of children worldwide,” the statement continues. “With every day that passes, there are kids suffering because of this inaction, which is why we’re calling on Apple to deliver on their commitment.”

The website contains alleged case studies that detail multiple cases where iCloud had been used to store sexual abuse materials, including photos, videos, and explicit messages.

It calls on Apple to “detect, report, and remove sexual abuse images and videos from iCloud,” as well as “create a robust reporting mechanism for users to report child sexual abuse images and videos to Apple.”

The company provides a copy of a letter it sent directly to Tim Cook, saying that it was “shocked and discouraged by your decision to reverse course and not institute” CSAM detection measures.

It also includes a button that allows visitors to send a prewritten email demanding action from Apple to the entire Apple executive team.

Child Sexual Abuse Material is an ongoing severe concern Apple attempted to address with on-device and iCloud detection tools. These controversial tools were ultimately abandoned in December 2022, leaving more controversy in its wake.

The Heat Initiative is not alone in its quest. As spotted by 9to5mac, the Christian Brothers Investment Services, and Degroof Petercam are respectively filing and backing a shareholder resolution about the topic.

Apple Support app

The official @AppleSupport account was launched in 2016, and it’s primarily used to provide tips for Apple products and address customers directly. The account earned an award from Twitter that same year, thanks to its high level of engagement.

However, according to sources speaking to MacRumors, that will be coming to an end. The report states Apple is planning to eliminate its social media support advisor roles available on Twitter/X, YouTube, and the Apple Support Community forum.

The change will start beginning October 1, 2023, when Apple will stop all human replies via direct message on Twitter. Instead, according to the source, customers will receive an automated reply informing them how they can contact Apple to receive assistance.

The paid Community Specialist role that helps customers via the Support Community forum will also be eliminated. And Apple will stop offering technical support through comments posted on YouTube videos.

Reportedly over 150 employees are reportedly impacted by this change, but Apple is offering to transition them to phone support roles. One source said Apple is not allowing the employees to transition to other chat-based support roles, unless medically necessary.

The transition away from social media support is expected to be completed by the end of November. The employees who elect to make the transition to phone support will be provided with the necessary training.

Apple last updated its official Support app in August, providing more information regarding physical Apple Store locations, and more. The app, Apple’s official support website, and phone line are going to be the only official support venues going forward.

AppleInsider is unable to confirm these changes are taking place. The story will be updated with any additional information as it becomes available.

Using promo code APINSIDER at Apple Authorized Reseller Adorama, you can save $200 on top of the $1,200 instant rebate already in place, resulting in a staggering $1,400 off MSRP on the premium model that features Apple’s M1 Max chip with a 24-core GPU.

This laptop in the sleek silver finish also has 64GB of memory, double the amount found in the baseline M1 Max config. Storage comes in at a respectable 1TB, making this high-end configuration a great option for business professionals and students alike.

In addition to the $1,400 markdown on the laptop itself, the same APINSIDER coupon code drops three years of AppleCare down to $319, a discount of $80 off MSRP.

• 14″ M1 Pro (8-core CPU, 14-core GPU), 16GB RAM, 512GB SSD, Space Gray: $1,549* ($450 off)
• 14″ M1 Pro (10-core CPU, 16-core GPU), 32GB RAM, 1TB SSD, Space Gray: $1,999* ($900 off)
• 16″ M1 Pro (10-core CPU, 16-core GPU), 32GB RAM, 512GB SSD, Space Gray: $1,849* ($1,050 off)
• 16″ M1 Max (10-core CPU, 32-core GPU), 64GB RAM, 2TB SSD, Space Gray: $2,949* ($1,350 off)

If you need help activating the APINSIDER promo code at Adorama, here are step-by-step instructions to redeem the discount:

1. Shop through this pricing link and add the MacBook Pro to your cart.
2. Proceed to checkout and when you get to step 3 (Payment), look for a link with a gift icon that says: “Do you have a gift card or promo code?”
   
3. Click that link to bring up the coupon code field and enter APINSIDER. Here’s what it looks like:
   
   

There are plenty of additional bargains on hundreds of Apple products in our Price Guide. Find exclusive savings on everything from MacBook Air computers to the Apple Watch Ultra. Here are a few top offers in effect now: