Operation Pawn Storm appears to be the latest in a type of attack that uses jailbreak or enterprise distribution certificates to transfer spyware onto iOS devices. That means, in order to be infected, you have to first remove Apple's built-in security protection by jailbreaking, or tapping to agree to the installation of an app from outside the App Store. In other words, for most people, most of the time, it's something to be informed about but absolutely nothing to be stressed or scared by. Operation Pawn Storm was first reported by TrendLabs:
We found two malicious iOS applications in Operation Pawn Storm. One is called XAgent (detected as IOS_XAGENT.A) and the other one uses the name of a legitimate iOS game, MadCap (detected as IOS_ XAGENT.B). After analysis, we concluded that both are applications related to SEDNIT.
Ars Technica explains:
Researchers believe that the targeted devices may have already been compromised before these malware agents were installed—perhaps by being connected to Windows PCs that had been targeted by the other components of Pawn Storm.
Operation Pawn Storm is reportedly targeted at European governments and journalists, if you think you're at higher risk, make sure you don't engage in activities that are risky: Avoid jailbreaking. If you jailbreak, don't download from untrusted repositories. Don't download pirated apps, or any apps at all from outside the App Store or your own, trusted, enterprise resources. Don't click on untrusted download links that come in via email or the web. If iOS warns you an untrusted app is attempting to transfer or install itself, deny it permission to do so.
Security professionals continue to investigate it and we'll update when and as they discover more. Apple has built excellent protection into iOS, however. So, absent direct user-intervention, either intentional like jailbreak or socially engineered through phishing, the vast majority of iPhone and iPad customers don't seem to have anything to worry about right now.
