Save up to $1,100 on Galaxy S24 Ultra!

Four zero-day flaws are exploited as iPhone units are loaded with Spyware

By
4comments
Google News Follow
Follow us on Google News
iOS Apple
Four zero-day flaws are exploited as iPhone units are loaded with Spyware
According to ArsTechnica, researchers today presented evidence showing that over four years as many as thousands of iPhone units were attacked by spyware. These iPhones were owned by employees of security firm Kaspersky in Moscow. The attackers were able to obtain a level of access never seen before and it was all done by exploiting a vulnerability in a hardware feature that not too many outside of Apple and semiconductor design firm Arm Holdings were familiar with.

It isn't known how the attackers learned about this hardware feature and even the researchers have no idea what purpose it had. Also unknown is whether the hardware was a native iPhone part or enabled by a third-party component such as Arm's CoreSight. In addition to infecting iPhone units belonging to Kaspersky employees, the spyware also affected the iPhones that were used by thousands of  people working in embassies and diplomatic missions in Russia.

How was the spyware disseminated to target iPhones? It apparently was sent through iMessage texts using a process that did not require the victim to take any action. Once infected, the iPhones transmitted microphone recordings, photos, geolocation data, and other sensitive information to servers controlled by the attackers. While rebooting an iPhone would rid the device of the infection, the attackers would send a new text loaded with spyware to the same device and re-infect it every time it was rebooted.

The Triangulation exploit chain - Four zero-day flaws are exploited as iPhone units are loaded with Spyware
The Triangulation exploit chain

In an email, Kaspersky researcher Boris Larin wrote, "The exploit's sophistication and the feature's obscurity suggest the attackers had advanced technical capabilities. Our analysis hasn't revealed how they became aware of this feature, but we're exploring all possibilities, including accidental disclosure in past firmware or source code releases. They may also have stumbled upon it through hardware reverse engineering."

Recommended Stories
The malware and the campaign that led to the installation of it were both called "Triangulation" and it contained four zero-day vulnerabilities which means that the attackers knew about these vulnerabilities before Apple did. Apple has since patched the flaws which were cataloged as:

  • CVE-2023-32434
  • CVE-2023-32435
  • CVE-2023-38606
  • CVE-2023-41990

The aforementioned secret hardware at the root of this issue and the four zero-day flaws not only affected iPhone models, it also impacted iPads, iPods, Macs, Apple TVs, and Apple Watches. Apple patched the vulnerabilities on all of the above-mentioned devices.

In a press release, Kaspersky's Larin added, "This is no ordinary vulnerability. Due to the closed nature of the iOS ecosystem, the discovery process was both challenging and time-consuming, requiring a comprehensive understanding of both hardware and software architectures. What this discovery teaches us once again is that even advanced hardware-based protections can be rendered ineffective in the face of a sophisticated attacker, particularly when there are hardware features allowing to bypass these protections."

As for who was behind the attack, some blame the U.S. National Security Agency (NSA). Russia's Federal Security Service says the attack came from the NSA working with Apple although Kaspersky said that it has no evidence that either were involved.
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.jpg
Alan Friedman Mobile Tech News Journalist
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.

Recommended Stories

Loading Comments...

Popular stories

Time has come to say goodbye to T-Mobile app after 12 years
Time has come to say goodbye to T-Mobile app after 12 years
T-Mobile introduces welcome change for iPhone users
T-Mobile introduces welcome change for iPhone users
AT&T wants to shut down a network with only 52 users (UPDATE: AT&T responds)
AT&T wants to shut down a network with only 52 users (UPDATE: AT&T responds)
US Cellular sells its 5G network spectrum that T-Mobile didn't get
US Cellular sells its 5G network spectrum that T-Mobile didn't get
People are hearing voices coming from their iPhone
People are hearing voices coming from their iPhone
This better not be happening: YouTube Premium users are seeing ads
This better not be happening: YouTube Premium users are seeing ads

Latest News

At 50% off, the Razr (2023) sells for just under $350, making it the most affordable foldable out there
At 50% off, the Razr (2023) sells for just under $350, making it the most affordable foldable out there
After 20+ years, Apple is finally making another dedicated camera - but the wrong kind
After 20+ years, Apple is finally making another dedicated camera - but the wrong kind
Asus ROG Phone 9 and 9 Pro specs leak once again ahead of official announcement
Asus ROG Phone 9 and 9 Pro specs leak once again ahead of official announcement
Do not use this password since it will take a hacker just one second to figure it out
Do not use this password since it will take a hacker just one second to figure it out
Google reportedly working on a Pixel Tablet 2 with keyboard case
Google reportedly working on a Pixel Tablet 2 with keyboard case
My iPhone 15 Pro Max is no longer naked thanks to a new protective and customizable case
My iPhone 15 Pro Max is no longer naked thanks to a new protective and customizable case
FCC OKs Cingular\'s purchase of AT&T Wireless