Geeks for your information News Privacy & Security News v
Kaspersky researchers say that hackers exploited undocumented hardware feature to bre
Kaspersky researchers say that hackers exploited undocumented hardware feature to bre
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 16,311
Threads: 10,322
Thanks Received: 9,367 in 7,513 posts
Thanks Given: 10,351
Joined: 12 September 18
#1
Exclamation  31 December 23, 09:54
Quote:Researchers at Kaspersky Lab have revealed that hackers had exploited some undocumented hardware features to breach iPhones. The target attacks were a part of the Operation Triangulation mercenary spyware campaign, which we reported about in June this year.

Alarmingly, the attacks have compromised users for about 4 years, since 2019, allowing threat actors to spy on a user's photos, location, etc.

The security analysts presented their findings at the 37th Chaos Communication Congress (37C3), held at Congress Center Hamburg, Germany. Kaspersky engineers Boris Larin, Leonid Bezvershenko, Georgy Kucherin, Igor Kuznetsov, Valentin Pashkov, and Mikhail Vinogradov investigated the Operation Triangulation attacks. The analysts had found over 30 in-the-wild zero-days in Adobe, Apple, Google, and Microsoft products. But, the attacks that targeted iPhones were the most sophisticated.

They reverse engineered the attacks to discover how the malware impacted users. The exploits were tracked under CVE-2023-32434, CVE-2023-32435, CVE-2023-38606 and CVE-2023-41990. Apple patched these security issues in iOS and iPadOS over the past year, after the security researchers reported the bugs to the company.

Operation Triangulation was a sophisticated attack

The process, as explained on Securelist.com, was quite complicated. The following screenshot illustrates how the Operation Triangulation attack chain was used to breach a victim's iPhone.


[Image: Operation-Triangulation-was-a-sophisticated-attack.jpg]

I'll outline the method here briefly. The hackers had used four zero-days that worked on iOS, to be precise, until iOS 16.2. An attacker would send a malicious iMessage attachment to an iPhone user, for example, a PDF file. The app would process it without any interaction from the user, aka it was a 0-click iMessage attack. This attachment is used for remote code execution, which was possible as a result of a vulnerability ( CVE-2023-41990) this time related to a TrueType font instruction.
...
Continue Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  â€˘ ismail
Find
Reply


Messages In This Thread
Kaspersky researchers say that hackers exploited undocumented hardware feature to bre - by harlan4096 - 31 December 23, 09:54

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
QOwnNotes
26.5.7 Note text ...Kool — 03:54
NanaZip 6.0 Update 7 (6.0.1711.0)
NanaZip 6.0 Update...harlan4096 — 06:10
Vivaldi 7.9 Build 3970.64
Vivaldi 7.9 Build ...harlan4096 — 06:09
Thunderbird 150.0.2 & Thunderbird 140.10...
Thunderbird 150.0....harlan4096 — 06:08
Brave v1.90.121 (Chromium 148.0.7778.96)
Release v1.90.121 ...harlan4096 — 06:07

[-]
Birthdays
Today's Birthdays
avatar (45)talsmanthago
avatar (31)mocetor
avatar (46)piomaibhaict
avatar (51)kingbfef
avatar (38)izenesiq
Upcoming Birthdays
avatar (28)akiratoriyama
avatar (48)Jerrycix
avatar (40)awedoli
avatar (82)WinRARHowTo
avatar (38)owysykan
avatar (49)beautgok
avatar (39)axuben
avatar (40)ihijudu
avatar (45)tiojusop
avatar (42)Damiennug
avatar (40)acoraxe
avatar (49)contjrat
avatar (41)axylisyb
avatar (44)tukrublape
avatar (44)knigiJow
avatar (46)1stOnecal
avatar (50)Mirzojap
avatar (36)idilysaju
avatar (40)GregoryRog
avatar (45)mediumog
avatar (40)odukoromu
avatar (46)Joanna4589

[-]
Online Staff
There are no staff members currently online.

>