A more informative technical explanation is given here: <a href="http://www.zdziarski.com/blog/?p=4140" rel="nofollow">http://www.zdziarski.com/blog/?p=4140</a><p>TL;DR: Pirated OSX apps with components that listen for iphone usb connections, which then gathers some metadata from the phone, and if the phone is jailbroken, it also grabs actual data (imessages etc) by uploading an ios backdoor component that hooks onto the commonly installed mobilesubstrate jailbreak helper.<p>Also, for non-jailbroken iphones, it uses an enterprise adhoc distribution certificate to install additional ios apps which apparently has been backdoored - article doesn't specify which apps, but apparently there's a risk that one could replace well-known apps like facebook by using the same bundle-id as the legit ones. I guess the user will be prompted on first run to accept the enterprise cert.<p>All in all it doesn't appear to exploit any vulnerabilities, just using existing features for what they are worth.
the Chinese government denied the claims and was backed by state-owned internet provider China Telecom, which said the accusation was "untrue and unfounded".<p>I cant quite put my finger on it, but an isp chiming in and saying it wasnt the government just strikes me as weird.