Mismatched Trust Store Version on iOS 16.5

Oh new weird scary issue… I chatted on my message app with “Apple Support” today. When checking their icon in my messages it took me to the actual name of who I was speaking to. It read Apple Electronics Store lmao. When I asked the chat guy he said that it’s because the brand of apple is the electronics store omg! He went on to say more too. Then at the end of the chat I was invited to complete a survey and the address is feedback.applesurveys.com!! It’s not even an apple domain! So I’m pretty sure the hackers were chatting to me to get more info from me. Like my new phone number I had just gotten today hoping to fix this problem. I’ll have to get another new one now. But maybe you can verify if that is an apple website. From what I found it’s feedback. Apple.com. I’ll include photos as I thought it was pretty funny this guys explanation for why his apple impersonation was below the mediocre line at best.

T3ddy19 wrote:

Still going on, finding out more however, and many similar attacks to gov as well.

Those users who are a negligible fraction of a billion or so devices in use, too; unusual or special cases.

If you are senior in government or major private organization, have access to sensitive or classified data, or access to great wealth, or a dissident or investigative journalist, or have personally annoyed somebody very rich, beat get assistance with your security. Assistance with your security which stretches well beyond iOS, too.

In general, follow what Apple suggests here: Personal Safety User Guide - Apple Support as well as running Safety Check, two-factor authentication, unique and robust passwords, keeping on current hardware and iOS, maybe Lockdown Mode, maybe add security tokens / security keys, and maintain an awareness of phishing and other common schemes and scams.

The root certificate is not from a Xfinity app. I don’t even have an Xfinity app. Are you for real? I know you know these things if you’re a level 10 whatever. This cert showing up in that place on the iPhone means iOS can’t validate the trust chain of the signing CA. Root certificates installed by either a MDM or on supervised devices disable the option to change the trust settings. Exactly my problem is I am unable to toggle off this certificate. (See my photos) My phone is totally hacked! Even you I’m talking to is probably part of the hack. Either that or you are just not wanting to see that this is a problem. My phone is not suppose to be supervised. Can you tell me why would it be supervised and by who? FML

Still going on, finding out more however, and many similar attacks to gov as well. Search on my posts, make sure to use the 3 instead of E for more info. I don’t have enough upvotes to publish tips! I did receive one, but it was not counted?

I found some thing on the developer website suggesting it has to do with device management. Performing a WS-Trust login request

Create a WS-Trust login request using the metadata exchange data (MEX) response.

DOCUMENTATION

ARTICLE

Objective-C I

Swift

Configuring a Trust

Work around a recoverable trust failure.

DOCUMENTATION

ARTICLE

Objective-C 1

Swift

Version Number- Glossary

The version number (CFBundleShortVersionString) is a user-visible string that represents the bundle version with a required format of three period-separated integers (0-9).Each integer provides information about the release in the format...

SUPPORT

Performina manual server trust…

….. I also found this regarding the trust asset version 8:09 1

•Il 5G: C

<

Today

7:20 AM

Edit

Hello 007kc4L,

It sounds like you have some questions about a trusted certificate on your iPhone.

We can definitely understand the concern, and we are happy to help.

Is this device a personal device, or is it a work managed device? Your settings seem to appear as expected.

If this is a personal device, then to trust a certificate and turn it off, follow this article:

Trust manually installed certificate profiles in

¡OS and iPadOS

If this is a work device, then we would suggest reaching out to your IT administrator.

We hope this helps!

Cheers!

Less

Bosede12- wrote:

Face ID issues

For assistance with Face ID: If Face ID isn't working on your iPhone or iPad Pro - Apple Support

If you have gone through that sequence without resolution, then your iPhone or iPad TrueDepth hardware may have failed, and you’re headed for a repair or replacement if you want Face ID working again. Contact Apple Support, and discuss your options and alternatives.

The certificate trust store discussed in this thread is entirely unrelated to Face ID.

Mr Hoffman, mine has the same trust store, but 1002 as the trust asset version. My phone has been doing many crazy things (and the iPads) since I was in the hospital in 2021, and I’ve replaced phones as well. I’ve had a lot of software that was fraudulently downloaded (some free, some not), but reformatting or even buying a new phone does not help. It has a screen recorder downloaded, the icon showed up on that, but in downloads. When I go to the site, it starts recording and continues for 45 minutes, then sends a link that I can’t access (just in example of many many issues). It also has a “managed” Wi-Fi hotspot that when running, the IP resolves to Apple. I understand Apple only issues a Wi-Fi hotspot if you have an MDM. I can’t control or use the hotspot, but it will connect then connect to other iPads and windows devices. It shows Internet traffic using Bluetooth! And even with location services off, the Wi-Fi hotspot will come on. I have 2 detectors, either will pick it up. I disconnected my internet about 4 months ago, I don’t know if this hotspot was there before or not. But my device, and everything on it is compromised.

Hello Mr Hoffman,

I know you can initiate a screen recorder on Apple, but this is done covertly using a program that I did not download. Many programs, such as “email organizers” have been used to delete all email (on one account). Four methods (that I’m aware of, will automatically delete or send to invalid email things like Apple password resets, also emails to and from security venders, and many more. In some cases, JavaScripts under shortcuts have been used to create fake emails from me. Many seemingly very “skilled” methods have been used that I’ve never seen before. No programs are visible, but the activity from the programs is visible, and I receive emails from one vender who I’ve been trying to get help to remove this recording program. One email account is redirected to a fake page, it appears legit, but excludes things like “view source”, and much more. I’m able to see these changes, but would prefer not to mention on a public forum.

It just keeps getting worse! My home alarm was compromised by the stolen mini 2, and people come in my home if I leave it unattended. I had a camera running that picked up activity. But I must avoid topics not related to Apple. Many native Apple settings were also used, airdrop when someone was in range, another native app used to spoof phone calls, so many more. Prior to all of this, I’d never given Apple Security a second thought.

BTW, my carrier told me I don’t have a WI-FI hotspot, even though I’ve seen it in action. If unplugged my network, then a device connected to Wi-Fi, then it used Bluetooth to connect to as many as 4 devices, both Apple and Windows. The Bluetooth activity shows as the source for certain activity.

since I’d been in IT forever it seems, I had a lot of equipment. All has been destroyed. Sometimes a reformat will help, but as soon as it’s connected, it’s compromised within minutes. It’s so fast, I guess it’s persistent or automatic. On some devices, it deletes my credentials, so I can’t log on.

Most activity appears to be native Apple, or unauthorized downloads. The icons will show for a day or two, then they are hidden. It seems so advanced. Who could know programming languages (87 scripts under shortcuts), other languages that were downloaded from the App Store, multiple OS, IOS, Windows, Unix, Linux, various routers, printers. IoT, more.

Im thinking it might be MaaS, due to extreme nature and complexity. I’ve read you can get this from the dark web, but I’ve never looked there. Either that, or someone with an unimaginable skill set!

I know there have been a recent increase is Apple C&C tools, such as another Pegasus (with a new name), and another one, can’t recall the name without looking.

Anyway thanks for the info.

So, you do a great deal of programming? I found a lot of JavaScript programs created under “short cuts”, it included using port 22 under ssh to my router, I guess to get the SAM file? I’m not sure. I had about 87 other programming scripts as well, at least a couple were transferring files to downloaded (not by me) cloud services (not Apple). All of my personal data is gone now. Another program from the App Store provides the capabilities to use other programming languages. I’ve noticed that scripts that seem innocent actually do something completely different. I don’t know where the file definitions are kept (Internet?). I can say some are not good at all! But I guess any device could use various programming languages? I did a little programming, but over 40 years ago. Relational databases using VB. Later on, I did some web pages using mostly html. I’ve been able to decipher some of the JavaScript, but not when words actually refer to something completely different. I wish I knew a forensics person that could help me, but I can’t find one. Even my incoming WI-FI network is compromised. I’ve seen several others with identical issues, if they don’t get deleted. I wish Apple would allow the posts to go through. I know someone got an older iPad while I was very sick, that’s where it started, then downloaded and hidden programs, I’d see the icon for a day or so, (MDM being one of the first), then email manipulation apps (with good intent used for bad reasons), screen recorders, and so on. And so much more. I have some of the scripts, but wouldn’t want to post them.

One Lady has been experiencing this for 4 years! I’m getting there. I disconnected cables to router and modem, but a Wi-Fi connection is still being used! I’ve tried everything. I’m trying to get everything together and get rid of everything, but can’t identify “everything”. I know it’s PCs, phones, iPads, IoT, more things I’m hesitant to say. And once the programs are installed, the icons no longer show up anywhere, but the activity is still happening. Sigh.

Hi Teddy,

Soooo how long has this been happening to you? Im so sorry it is. I have found through out the almost 7 years now of enduring this, the saddest part is feeling hopeless. People who are not being attacked and abused like this just dont understand. They think this is not possible, it's outrageous. I wish it were. Most people will not fully believe you. They will be skeptical. The more I see this, I am just happy to know the majority of people are still in the real world, where everything works, things go their way, it's easy for the most part. It makes me happy most people will never need to experience this awful terrible existence. I remember when it started happening....I was driving around my beautiful dream car in West Hollywood on vacation loving life. When I realized what was happening I was in shock. I cried. I knew I would loose everything..what was even worse is knowing myself so well, how strong I am, I knew unfortunately I would survive to see to much of this. Two close friends of mine knew what I was talking about. They died the first year this started happening to me. I could have only been so lucky. I hope this message finds you well.

It all started for me in 2018 as well. That is weird ha? In May 2018. I agree with your Bluetooth issues. My Bluetooth has turned on a lot on its own. One day you would not believe this. I had gone through several phones in the first month of this happening while in Hollywood and I had them all in my car. I took the SIM cards out after realizing none would work correctly. What made the hacking so obvious for me was not being able to get real information on the web. The web used to work perfectly for me. Whatever I needed to know I could. But after they compromised my phone, I have not for the most part been able to get correct information again. That to me is the most annoying thing! Anyway so I took my sims out and powered down the iPhones , androids, iPads, etc. In the morning I was driving home from LA and all at once every single phone , iPad everything all turned on at once. I realized then how sophisticated this was. How it must be? . I mean who else could do these things? Who do you think it is? That is when I ripped the gps off my dash and threw it out the window. I didn’t go home that day as planned. I went to San Francisco. I was trying to escape these people. I really wonder why I was put in this list of people who are doomed. It’s only a matter of time till we loose it.

I AM HAVING THE EXACT SAME ISSUE AS YOU! have you resolved this? My whole family has the AAA cert and it’s like we are in a sandbox of developers (which I am definitely not and my mom and husband are not either!)

If you are referring to this article where they are referring to iOS 16 and not iOS 16.5 --> List of available trusted root certificates in iOS 16, iPadOS 16, macOS 13, tvOS 16, and watchOS 9 - Apple Support (IN)

iOS 16, 16.3, and 16.5 have different Store Versions and Asset Versions. Please go through my entire post

This is the correct trust store version for iOS 16.5 - 2023032800. Please see the pic below on iOS 16.5 iPhone 12 Pro.

Learn about Available trusted root certificates for Apple operating systems - Apple Support

This is part of iOS updates which can be clearly seen below

All my devices, iPhone 8 (iOS 16.0), iPhone 12 Pro (iOS 16.1.1) & iPhone 13 Pro on iOS 16.1.1 also iPad Pro on iPadOS 16.1 are with Trust Store Version: 2022070700 and Trust Asset Version 18

iPhone SE (1st Gen) iOS 15.7 2022031500 and Trust Asset Version 18

Earlier, iPhone 8, SE (1st Gen), iPhone 12 Pro & iPhone 13 Pro on iOS 15.6.1 also iPad Pro on iPadOS 15.6.1 all are with Trust Store Version: 2022031500 and Trust Asset Version 17

iPhone 6 iOS 12.5.5 Trust Store Version 2018121000, Does not have Trust Asset Version

After updating my iPhone 6 to iOS 12.5.6 it still has Trust Store Version 2018121000, Does not have Trust Asset Version

There is an old discussion thread on Trust Asset Versions that may help you understand --> Trust asset version 11. - Apple Community

Please check the iOS versions on each device again

Learn about Available trusted root certificates for Apple operating systems - Apple Support

This is part of iOS updates which can be clearly seen below

iPhone 12 Pro iOS 16.3 Trust Store Version: 2022070700 and Trust Asset Version 20

iPhone 8 iOS 16.2 Trust Store Version: 2022070700 and Trust Asset Version 20

iPad Pro 9.7" iOS 16.2 Trust Store Version: 2022070700 and Trust Asset Version 20

iPhone 13 Pro iOS 16.2 Trust Store Version: 2022070700 and Trust Asset Version 20

I may have missed Asset Version 19

All my devices, iPhone 8 (iOS 16.0), iPhone 12 Pro (iOS 16.1.1) & iPhone 13 Pro on iOS 16.1.1 also iPad Pro on iPadOS 16.1 are with Trust Store Version: 2022070700 and Trust Asset Version 18

iPhone SE (1st Gen) iOS 15.7 2022031500 and Trust Asset Version 18

Earlier, iPhone 8, SE (1st Gen), iPhone 12 Pro & iPhone 13 Pro on iOS 15.6.1 also iPad Pro on iPadOS 15.6.1 all are with Trust Store Version: 2022031500 and Trust Asset Version 17

iPhone 6 iOS 12.5.5 Trust Store Version 2018121000, Does not have Trust Asset Version

After updated my iPhone 6 to iOS 12.5.6 it still has Trust Store Version 2018121000, Does not have Trust Asset Version

There is an old discussion thread on Trust Asset Versions that may help you understand --> Trust asset version 11. - Apple Community

Hi, I bought this iPhone from Trust store version 2023032800 or Trust asset Version 20 and this is the 11 Pro Max iPhone. I did insert my previous phone number SIM card in it but I can’t cause it says CARRIER LOCK AND THIS DEVICE MIGHT BE RESTRICTED TO THE ORIGINAL CARRIER AND OR HAVE CERTAIN CAPABILITIES LIMITED. the previous carrier has to unlocked or confirm that’s all I’ve wanted please and thank you !

Your issue has nothing to do with the Trust Store Version; see the post right above yours. You bought a phone that is locked to a carrier. iPhones bought directly from Apple are not carrier-locked, but all other iPhones are.

You will have to ask the seller what carrier it is locked to, and either use the same carrier or contact the carrier and ask them to unlock it→How to unlock your iPhone for use with a different carrier - Apple Support.