Google researchers uncovered a malicious campaign that targeted iPhones for at least two years. According to the researchers, this campaign has stopped, although they warn that there may be other ways that they have not yet identified.
The Project Zero security team announced that it had discovered some malicious websites that could be used to compromise Apple devices, using five different custom exploits.
The exploits used 14 different vulnerabilities spanning every version from iOS 10 to iOS 12. Apple issued a fix with the iOS 12.1.4 upgrade in February, after Project Zero researchers disclosed the vulnerabilities and gave the company a week to patch them.
The Project Zero team usually follows a strict disclosure period of 90 days, but in this case it gave only a week because of the severity of the vulnerabilities.
Google Project Zero team researcher Ian Beer reported:
A simple visit to the site was enough for an attack on your device, and if the attack was successful, the device would get a malicious tracking app. We estimate that these websites had thousands of visitors per week.
The 14 vulnerabilities were in Safari and the kernel, apart from two separate sandbox escapes, which let malicious code run beyond the boundaries of an application.
In short, the 5 exploits gave the attacker elevated "root" privileges, with full rights to install malware and access files on the device, which were sent to a command-and-control server every 60 seconds.
More worrying is that the malware also uploaded the device keychain, which is used to securely store data (e.g. Wi-Fi passwords and certificates) from well-known applications such as WhatsApp, Telegram, Skype, Facebook, Viber, Gmail and Outlook.