iPhone Calendar Spam

Apr 05, 2021

With the evolution of technology, scammers are hooking their pea-sized brains up to the cloud to discover new possibilities for spamming people. Here I am, presenting what to do if you are one of those unlucky guys/gals out there.

The annoying thing is these scammers take no shame in their crafty new tricks to fool technologically illiterate people.

Our victim today was a friend of mine, who uses smartphones like shit 💩. Bear with me, he is the same age as me, a bit on the older side tho. So anyways, he showed me his phone saying that he is receiving strange notifications on his phone, almost like it's hacked or something. That's when I saw this hideous contraption, and I can't even express my disgust enough to call this a hack. That would be insulting the art of hacking itself.

In short, this was malicious adware, but so crafty that your average Joe might consider it a virus or something. A good social engineering effort tho.

Knowing the victim's activities, the payload mentioned here found its way onto his device when he opened an attachment thinking it was a Zoom meeting link, but the file actually had the extension .ical.

That executed the payload on his phone as an iCalendar account, which answered my question of how the notifications were updating themselves every day. This was really simple, as the iCalendar account was actually an API from which the notifications were being fetched onto the victim's device.

Simple deletion of the malicious account resolved the problem.

If any of you is suffering from the same thing, just go to iOS Settings > Calendar > Accounts > [THE MALICIOUS ACCOUNT] > Delete Account. You can find the API link in Account > Server; just copy the link and paste it into your findings repo.
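For triaging a saved copy of such a feed before filing it in a findings repo, the sketch below unfolds the iCalendar text and lists each event's title, embedded URLs and alarm components. It is an added example, not code from this post; the feed contents, the host name and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlparse
# Constructed sample feed, not data from the incident; example.invalid is a placeholder.
SAMPLE_FEED = (
    "BEGIN:VCALENDAR\r\n"
    "BEGIN:VEVENT\r\n"
    "SUMMARY:Your iPhone may be infected! Tap to clean\r\n"
    "DESCRIPTION:Protect now: https://ads.example.invalid/cl\r\n"
    " ean?id=1\r\n"
    "BEGIN:VALARM\r\n"
    "TRIGGER:-PT5M\r\n"
    "END:VALARM\r\n"
    "END:VEVENT\r\n"
    "END:VCALENDAR\r\n"
)
URL_RE = re.compile(r'https?://[^\s\\"<>]+')

def unfold(text):
    # RFC 5545 folding: a line break followed by one space or tab continues the line.
    return re.sub(r"\r?\n[ \t]", "", text).splitlines()

def triage(text):
    # Returns one dict per VEVENT: its title, every URL it carries, and its alarm count.
    events, event, in_alarm = [], None, False
    for line in unfold(text):
        head, _, value = line.partition(":")
        name = head.split(";")[0].upper()  # drop parameters such as ;VALUE=URI
        component = value.strip().upper()
        if name == "BEGIN" and component == "VEVENT":
            event = {"summary": "", "urls": [], "alarms": 0}
        elif event is None:
            continue  # calendar-level property, outside any event
        elif component == "VALARM" and name in ("BEGIN", "END"):
            in_alarm = name == "BEGIN"
            event["alarms"] += in_alarm  # count each VALARM (alarm definition) once
        elif name == "END" and component == "VEVENT":
            events.append(event)
            event = None
        elif name in ("SUMMARY", "DESCRIPTION", "LOCATION", "URL"):
            if name == "SUMMARY" and not in_alarm:
                event["summary"] = value
            event["urls"] += URL_RE.findall(value)
    return events

def hosts(events):
    return sorted({urlparse(u).hostname for e in events for u in e["urls"]})

if __name__ == "__main__":
    print(triage(SAMPLE_FEED), hosts(triage(SAMPLE_FEED)))
```

The list returned by `hosts()` is the part worth recording next to the Server link, since it shows where the events try to send the user.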

Also, please do share your findings with me too, coz I love torturing scammers 😈 and for any buddy here who wants to do some analysis over this, here's the bone!

Read my other entries for more juicy content!

See ya for now 👋