Discovery of a sophisticated malware attack against iPhones
Four zero-day vulnerabilities exploited in a multi-stage, highly dangerous malware attack on Apple devices
The recent “Triangulation” hacker attack targeted iPhone users using previously undocumented vulnerabilities. The “backdooring” method was used to gain unauthorized access to systems and to spread malware via iMessage by exploiting four zero-day vulnerabilities. Analysis revealed that the attacks succeeded by exploiting vulnerabilities in the iOS kernel and the Safari browser. This highlights the importance of continuous advancement in cybersecurity.
Recently, an unprecedented cyber attack known as “Triangulation” came to light, which affected iPhone users extensively over a period of four years. Kaspersky analysts revealed that the hackers exploited previously undocumented hardware vulnerabilities, making not only iPhones but also other devices such as Macs, iPods, iPads, Apple TVs and Apple Watches vulnerable to this threat.
The technical term "backdooring" and its impact on iPhones
Backdooring is a technique aimed at circumventing authentication and protection mechanisms in order to gain unauthorized access to systems and data. In the case of Operation Triangulation, a single infected iMessage was enough to spread the malware to the devices of diplomatic staff in Russia, with no user interaction required. Kaspersky's Boris Larin highlights the complexity of the exploits used, which required Apple to patch four zero-day vulnerabilities.
The technical details of the exploit and the vulnerabilities involved
The exploit chain orchestrated by the attackers was particularly complex, making use of four zero-day vulnerabilities, identified as CVE-2023-32434, CVE-2023-32435, CVE-2023-38606 and CVE-2023-41990. The attack began with a malicious attachment sent via iMessage, exploited a bug in Apple's TrueType font handling to execute arbitrary code, and then proceeded to evade security measures using sophisticated techniques.
The repercussions and advance of exploits in Apple devices
The analysis highlighted that the attackers were able to exploit vulnerabilities both in the iOS kernel, in order to manipulate it, and in the Safari browser, in order to execute shellcode. This allowed them to gain root privileges and install malware on the device. This backdooring operation stands out as one of the most refined and worrying exploits seen to date: it shows how even systems considered secure are exposed to emerging risks, and underlines how important it is for the information security community to remain constantly at the forefront in developing innovative protection solutions.
01/02/2024 15:05
Marco Verro