Agent with Federal Bureau of Investigation (FBI) recently informed the Capital Hill Staff on hardening the safety of his mobile equipment, after a contact list stolen from the personal phone of the White House Chief of Staff Susie Wils It was allegedly used to fuel a series of text messages and phone calls, which inspired him to American MPs. But in a letter to the FBI this week, one of the most tech-servant-sansadas in the Senate says that Feds are not enough to recommend more suitable safety security that most consumers have already been made in mobile devices.
A screenshot of the page before Sen Viden’s letter to FBI Director Kash Patel.
On May 29, The Wall Street Journal Informed Federal officers were investigating a secret effort to implement Ms. Wils through text messages and in phone calls that could use AI to spoil her voice. According to the journal, Wils reported that the associates had hacked their cellphone contacts, providing access to the private phone numbers of some of the most influential people in the country.
Execution of this fishing and copying campaign – whatever its goals could be – suggested that the attackers were economically motivated, and were not particularly sophisticated.
“It became clear for some MPs that the requests were suspected when the Emphersner began to ask questions about Trump that Wills should have responded – and in a case, when the Emphersner asked for cash transfer, some people said,” Journal said. “In many cases, the grammar of the copyer was broken and the messages were usually more formal than the way they communicate, those who received messages have said that calls and text messages also did not come from Wills’ phone number.”
Sophisticated or not, copying campaign was soon Punctual Minnesota House of Representative Speaker killed Emereda Melissa Hortman And her husband, and Shooting of Minnesota State Senator John Hoffman and his wife. So when the FBI agents offered to abbreviate mobile hazards to American Senate employees in mid -June, more than 140 employees took them at that invitation (considering a remarkably high number, that no food was given in the event).
But according to Sen Ron Widen ,
“It is inadequate for protection against foreign detectives using advanced cyber devices to Senate employees and other high-value goals,” Widen has written One letter Sent today FBI Director Kash Patel“Well-funded foreign intelligence agencies do not need to rely on fishing messages and malicious enclosures to infect victims with spyware. Cybercaty companies sell advanced ‘zero-clicks’ abilities to give spyware to their government customers that do not require any action by the victim.”
Wayden stressed that to help the counter refined attacks, the FBI should encourage MPs and their employees to enable anti-spyware defense that are created in Apple’s iOS and Google’s Android phone software.
These include Apple Lockdown modeWhich are designed for users who are concerned that they can be subject to targeted attacks. The lockdown mode prohibits non-necessary iOS features to reduce the overall attack surface of the device. Google Android devices are called uniform features Advanced protection mode,
Widen urged the FBI to update their training to recommend their training to many other stages, who can take their mobile devices to make less trackable, including the use of advertising blockers to guard against malicious advertisements, to disable advertising data in mobile devices and disabled advertising data in mobile devices and find out from home.
The senator’s letter stated that while the FBI has recommended all the above precautions in various advice issued in the last few years, the advice that the agency is now giving to the leaders of the country needs to be more comprehensive, actionable and immediate.
“Despite the seriousness of the danger, the FBI has not yet provided effective defensive guidance,” Wayden said.
Nicholas Weaver Is a researcher with Institute of computer scienceBurkeley, a non -profit in California. Weaver said that lockdown mode or advanced security will reduce many weaknesses, and there should be default settings for all members of Congress and their employees.
“The legalists are at risk and need to be exceptionally preserved.” “Their computer should be locked and administered well, etc. and also apply to employees.”
Weaver stated that Apple’s lockdown mode has a track record of blocking zero-day attacks on iOS applications; In September 2023, Civic lab How the lockdown mode thwarted a zero-click defect capable of installing spyware on iOS devices without any conversation with the victim.
Earlier this month, citizen lab researchers Documentation of a zero-click attack Two journalists with paragon graphite spyware are used to infect iOS devices. The vulnerability can only be exploited by sending a booby-filtered media file distributed through IMESSAGE. Apple recently updated her advice for zero-click Flaw (CVE-2025-43200), given that it was reduced as iOS 18.3.1, which was released in February 2025.
Apple has not commented on whether the CVE-2025-43200 can be exploited on equipment with lockdown mode. But helpnetscurity saw At the same time, Apple addressed the CVE-2025-43200 in February, the company fixed another vulnerability flagged by the Citizen Lab researcher. Bill marketing, Cve-2025-24200Which Apple said that was used in a very sophisticated Physical Attacking against specific targeted persons allowed the attackers to neutralize the USB restricted mode on a locked device.
In other words, the defect can be clearly exploited only when the attacker has a physical access to the targeted weak device. And as the old Infosak industry proverb, if an opponent has physical access to your device, it is most likely that you no longer have devices.
I cannot personally talk to Google’s advanced security mode, because I do not use Google or Android devices. But I have enabled Apple’s lockdown mode to all my Apple devices as it was first made available in September 2022. I can only think of the same opportunity when one of my app failed to work properly with turning on lockdown mode, and in that case I was able to add a temporary exception to that app in the settings of lockdown mode.
I was captured in my main grip with lockdown mode March 2025 column By techcrunch Lorenzo francheschi-bichaiThose who wrote about their penchers to send mysterious information from time to time that someone has been blocked by contacting you, even if nothing stops you from contacting the person directly. This has happened to me at least twice, and in both cases the person in question was already an approved contact, and said that he did not attempt to reach out.
Although it would be nice if Apple’s lockdown mode was less, less dangerous and more informative alerts were sent, sometimes a warning warning message is hardly enough to close me.
