It is being reported by several sources (see here) that iPhone and iPad users are being targeted as part of a massive cyber espionage campaign that is being linked, at least by one firm, to Russia.
Operation Pawn Storm is using a specially crafted iOS app to quietly steal text messages, contact lists, location information, WiFi status, a list of installed apps and to record voice conversations.
Trend Micro researchers believe that this app is a second phase attack – installed on systems that the attacker has already breached by some other mechanism, perhaps a phishing email, for example.
While Trend is not saying that Russia is behind this, FireEye, another security firm, is calling out Russia and says that it has been very difficult to attribute, but they are now convinced that it is Russia behind the attack.
Since the attack vector is unknown, it is hard to give advice on what not to do. Trend Micro says that at least some of the targets are U.S. defense contractors such as SAIC and ACADEMI (AKA Blackwater).