That’s the second attack Lockdown mode prevents, neat stuff.
With Lockdown Mode’s effectiveness tested by multiple, state-level attacks it may prove to be the most important privacy/security win for the general public since default device encryption for iPhones (and later Androids).
Hopefully Google gets the message and develops a similar feature for at least their Pixel devices. This would offer world class protection for millions of users who would not be the the type to use security focused custom ROMs but desire or need Lockdown Mode level protection on their Android device.
I won’t hold my breath for it, but who knows it may happen eventually. Google can do good security (if not privacy) when they want to as demonstrated by the Advanced Protection Program.
Hopefully Citizen Lab can make more info public as I would like to see if DNS-level protection would have been another layer of protection for this attack as well as if something like iVerify would have detected the malware post-compromise as intended.
Looks like another related attack was uncovered by Citizen Lab as well. This one involved manipulation of the cell network by the government launching the attack to re-direct the victim phone to a malicious site:
Same exploit targeted Android devices (patched Sep 5 by Google)
Lockdown mode blocked this attack as well
Is that now four lockdown successes?