Hyper Focused iPhone Hacking Campaign That Dropped Malicious Apps via MDM Potentially Part of a Broader Campaign

6 years ago
Anonymous $RBasgWKaIV

https://wccftech.com/focused-attack-iphone/

Earlier this month, a highly focused social engineering attack against a targeted group of iPhone users was discovered. Attackers were found infecting iPhones through bogus Mobile Device Management (MDM) servers in a highly sophisticated attack. Using physical access and/or social engineering tricks, certificates from two rogue MDM servers were installed on targeted iPhones, and the attackers then pushed out modified versions of legitimate apps, including WhatsApp and Telegram, to spy on their targets.

These modified apps were deployed on 13 iPhones via bogus MDM systems, with hackers ultimately getting the ability to track their targets’ locations and read their communications. While it was initially believed to be a limited attack targeting only a handful of victims in India, it now appears that the campaign could be much broader.