In rare cases, Google is warning iPhone users of the threat of multiple zero-day vulnerabilities that could be exploited to attack the device. In fact, the company explained that government hackers have exploited this flaw to send spyware to iPhone users.

Details of this threat were provided by Google’s Threat Analysis Group (TAG), which monitors and notifies the public of government hacking attempts. The group talked specifically about a Spanish startup called Variston, which has been developing spyware for exploiting sellers.

TAG here mentions a hack by a group working for the government that had knowledge of zero-day issues that Apple didn’t know about.

Google has placed Variston on its radar following multiple malware analyzes in 2022 and 2023.

iPhone users face a variety of security threats, but Apple is generally aware of the issues and quickly releases patches to fix the vulnerabilities. However, zero-day threats are a big concern for giants like Google and Apple, and they need further alliances to help each other avoid major missteps that could be heavily exploited. So, what makes this zero-day attack different? What methods did hackers use to exploit this issue?

According to reports, attackers sent malicious links via text messages to infect iPhones affected by the vulnerability. Doing so is often enough to allow a bad actor to gain access to a victim’s device and gain remote access to steal data and other information.

The report does not mention who used the spyware developed by Variston, but judging from the company’s information, it is likely to be a government network. In addition to Variston, Google is tracking several other companies involved in the spyware manufacturing business, such as Cy4Gate, RCS Lab and Negg.