Google researchers have uncovered a malicious campaign that targeted the iPhone for at least two years. According to the researchers, the campaign has stopped, though they warn that there may be other ways they have not yet identified.
The Project Zero security team announced that it had discovered a number of malicious websites that could be used to compromise Apple devices, using five different custom exploits.
The exploits used 14 different vulnerabilities that covered every release from iOS 10 to iOS 12. Apple released the iOS 12.1.4 update in February after Project Zero researchers revealed the vulnerabilities and gave the company a week to fix them.
The Project Zero team usually follows a strict disclosure period of 90 days, but in this case it gave only a week because of the severity of the vulnerabilities.
Google Project Zero team researcher Ian Beer reported:
A simple visit to the website was enough for an attack on your device, and if the attack was successful, the device would get a malicious monitoring application. We estimate that these websites had thousands of visitors per week.
The 14 vulnerabilities were in Safari and the kernel, apart from two separate sandbox escapes, in which malicious code was able to run outside the boundaries of an application.
In short, the 5 exploits gave the attacker elevated root privileges, with full rights to install malware and gain access to the device's files, which were sent to a command and control server every 60 seconds.
More worrying still, the malicious software also uploaded the device's keychain, which is used for secure storage of data (e.g. passwords, Wi-Fi passwords, and certificates) from very well-known applications such as WhatsApp, Telegram, Skype, Facebook, Viber, Gmail and Outlook.