It could be because it was technically hard, it would be more likely to trigger downstream detection, or it could be because they had already stolen everything they wanted, or something else.... Very curious though.
Being a watering hole and going for volume, they may not have cared for persistence. Or, it could be a payload they push to certain targets after filtering initial data collection by interest.
-
-
Yeah, that’s what I was going to say. Lacking persistence is sometimes a strategy. Makes it harder to detect if rebooting the phone wipes all evidence of infection. Once they vacuumed all the data they might have valued secrecy over prolonged access.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
And they could’ve pushed a persistence payload out to the few devices they really cared about. Although once they have all your social media and Apple credentials they could’ve just turned location sharing on too.
-
From folks I've been talking to, as my knowledge is outdated, persistence on modern iOS, even with root (or even jailbreak?) Is very very hard...
End of conversation
New conversation -
-
-
Yep. Joe blow, who cares, pass. Joe Cox... you're blessed with stage 2! Enjoy!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.