Nov Tech


The iPhone has suffered the biggest vulnerability attack in 2022.

The iPhone has been the victim of the most sophisticated attack in history.


Apple device users know that Apple keeps updating iOS to address all security issues. The same goes for Android, Windows, and Linux: every major operating system works like this, and the process will not always be safe.


In June of this year, Kaspersky reported discovering a sophisticated iMessage vulnerability called Operation Triangulation. An attacker can use this flaw to install malware on an iPhone device and capture sensitive data such as microphone recordings, photographs, geolocation, and more.

Just recently, at the Chaos Communications Conference, Kaspersky further shared everything they know about the vulnerability, calling it “one of the most technically sophisticated vulnerabilities” they have ever seen.

The attack was active between 2019 and 2022, until Apple fixed it in iOS 12.16. In the past four years, hackers have left a covert backdoor on thousands of iPhones to gain the highest level of root privileges. However, to successfully exploit this backdoor, it is essential to have a deep understanding of the underlying mechanics of Apple products.


According to the reports, the attacker used four zero-day vulnerabilities in the attack chain to gain root privileges on the victim’s device.


Analysis revealed that the hackers first exploited the CVE-2023-41990 vulnerability by sending an iMessage with a malicious attachment to execute a privilege extension attack program written in JavaScript. Next, they exploited the CVE-2023-32434 vulnerability to gain read and write access to memory and bypass the page protection layer through the CVE-2023-38606 vulnerability. After successfully exploiting these three vulnerabilities, the hacker could do anything with the device, including running spyware. The hackers decided to add a payload and erase all evidence of their presence. Then, they ran the Safari process in stealth mode to confirm the target. After verifying the target, they exploited a vulnerability in WebKit, recognized as CVE-2023-32435, to execute shell code. The shell code allowed them to exploit the previous vulnerability again and load malicious programs.

And even if the vulnerability can be closed by restarting the iPhone, an attacker can reopen the vulnerability by sending a malicious iMessage text without any clicks or other actions from the user.


Kaspersky's researchers have reverse-engineered the entire attack chain and plan to release articles in 2024 on each vulnerability and how to combat it.

Interestingly, researchers have not been able to solve the mystery of the CVE-2023-38606 vulnerability; they still don’t know why an attacker would know about the hidden hardware characteristics and the bypass.
