Malware Attacks Apple Devices with iOS

Kaspersky, a cybersecurity company, reports the discovery of a highly advanced malware attack targeting Apple devices with iOS. The attack, named Operation Triangulation, exploits previously unknown vulnerabilities in Apple’s hardware security. Described by Kaspersky as the “most sophisticated attack chain” observed to date, the campaign has been active since 2019. It utilizes four zero-day exploits combined to create a powerful attack chain, enabling attackers to gain extraordinary access to iOS devices running versions up to iOS 16.2.

One of the key elements of this attack is a malicious attachment sent through iMessage, which is automatically processed without any user interaction. This attachment leverages multiple vulnerabilities, including flaws in the FontParser component, the kernel, and WebKit, to ultimately install spyware modules and collect sensitive information from the targeted device.

Of particular interest is the CVE-2023-38606 vulnerability, which allows bypassing hardware security for sensitive kernel memory areas. Exploiting it relies on memory-mapped input/output (MMIO) register accesses that belong to a previously unknown and undocumented hardware feature. It is unclear how the Operation Triangulation attackers discovered this feature, and whether it originated with Apple or with an external third-party component.

Boris Larin, a researcher from Kaspersky, speculates that the unknown hardware feature abused through CVE-2023-38606 likely served debugging or testing purposes, or that it could have been included accidentally. Regardless of its origin, this vulnerability plays a crucial role in the success of the attack campaign, enabling attackers to gain full control over compromised systems.

This discovery highlights the importance of hardware security and the potential risks associated with relying solely on “security through obscurity.” The attack demonstrates that even the best-protected systems can be compromised when previously unknown vulnerabilities are exploited.

In a separate development, it has been reported that Apple’s warnings about state-sponsored spy attacks on Indian journalists and opposition politicians in October were met with skepticism by the Indian government. Officials demanded alternative explanations for the warnings and asked Apple to retract them, suggesting a possible attempt to downplay the political consequences of surveillance allegations.

As this investigation continues, it becomes evident that cybersecurity threats are becoming increasingly sophisticated, and both software and hardware vulnerabilities must be promptly addressed to protect users’ privacy and security.

The source of the article is from the blog kewauneecomet.com