Terrifying iPhone implant spreads just by visiting a website
A very deep dive into iOS Exploit chains found in the wild (via) is a terrifying read of an iPhone implant that installs itself just by visiting a website and exploits five different 0-day vulnerabilities.
The implant phones back home with root access to all activity on your phone: chats, mails, location, pictures, and more.
I think it is fair to criticize Apple because they allowed an unsigned process running as root, using the network and a lot of battery activity, without any kind of monitoring to detect it. That process should not have been running without being discovered.
Given that an iPhone is not a computer, and not even an advanced user could detect and/or clean the implant, Apple's responsibility should be to start being more serious about the possibility of iPhone viruses.
An awesome feat of engineering, though. Kudos to both the criminals and the researchers who detected it.
Vice has a non-geek writeup which, at first, seemed like a bit sensationalist, but given the severity of the breach is probably somewhat warranted.