Miguel's Blog · Serverless · Security

Miguel's Blog · Serverless · Security

Hacked via your calendar?

Hacked via your calendar?

Someone asked me, "I think I have a virus on my iPhone. Could you take a look?"

I was surprised. I did not think viruses were technically possible on iOS devices.

I agreed to help.

I asked, "What did you notice that makes you think you have a virus?"

This person replied, "I started seeing pop-ups telling me I was hacked."

I pondered the response. "What app were you using?"

"I was using the Google app."

"Do you remember what you were doing there?"

"I searched for a former president's name and clicked the search result. It didn't take me to a website. Instead, it took me back to the Google search page."

I pondered the response. How could searching a president's name get oneself hacked?

"Look!" this person said. "The pop-up is there."

I looked at the phone and saw it was a calendar reminder notification. Interesting!

I opened the calendar app and saw calendar entries with scary titles and links to potential phishing sites.

Hacking through someone's calendar?! These malicious actors are incredibly clever.

I removed the subscribed calendar account and asked this person to clear the cache from all the web browsing apps.

I used my own device to find out how this was possible. I found an article that explains it. (See the link below). Turns out this is a relatively new attack vector.

https://macsecurity.net/view/333-iphone-calendar-events-spam

I asked, "Do you remember clicking some alert when you were browsing the web?"

"Well, yes. I got an alert. It had a button that said, 'Okay, got it." So, I clicked it. I don't remember what it said."

I suppose this person clicked a malicious pop-up alert that subscribed the calendar to a malicious shared calendar.

Fortunately, this person did not click on any of the calendar notifications. The bad news: this event reminded me that cyber defenders could continue to be behind the cyber attackers. I would not have considered an attack via a calendar app.

Before You Go


Originally posted on Patreon

Photo by Estée Janssens on Unsplash

#cybersecurity-1#security#ios
Proudly part of