LightSpy iOS Spyware: A Sophisticated Mobile Surveillance Threat

Researchers have identified an evolved LightSpy iOS implant with a modular architecture of 28 plugins that enable extensive surveillance (screenshots, location, contacts, messages, app exfiltration, iCloud Keychain access), audio/camera capture, and destructive actions (file deletion, history wiping, potential device bricking). The spyware leverages known WebKit vulnerabilities (CVE-2020-9802), public jailbreak techniques, and likely watering-hole delivery to target iOS devices (up to iOS 13.3), with initial evidence pointing to victims in China and Hong Kong; the report includes detection advice and promotion of mobile EDR protections.