[theshrike79]

Vulnerabilities on iOS are getting really scarce. People spend truckloads of money finding them and you need to pay twice that for the permission to burn said exploit.

That stuff isn't burned on mass hacks on random phone users, it's way too valuable.

BUT. There is a small sliver of time between the exploit being used on a high value target and Apple patching the hole. That's the spot where Joe Schmoe should be cautious.

[bennysomething]

You are probably right, but this attack only became visible because it had a bug. How many others are invisible currently? Well that's what I'm asking myself :)

[theshrike79]

A lot, but they're still only used for high-value targets. They're way too valuable to waste on some random person who happens to click a link.

[ChuckNorris89]

That's a bad argument for defense.

If it can be used on one random person then it can be used on the hundreds of millions of random persons who use iPhone and Android.

And getting even 1% of those massive user bases to click on a link and steal their money or private information, would be incredibly lucrative even for the short period until the patch rolls out, especially for the wealthier iOS userbase as a target.

In my EU country, I'm still getting regular spam SMS with links to what I presume is some older Android malware that wrecked havock last year. So, if attackers are still at it, months after a patch was rolled out, it means they must be still getting returns on their "investment".