Apple released a security update fixing a zero-day vulnerability that may have already been exploited



Apple has fixed a vulnerability that could allow spyware to be installed on your iPhone via iMessage.

About the security content of iOS 15.7.7 and iPadOS 15.7.7 - Apple Support

https://support.apple.com/en-us/HT213811



Apple fixes zero-days used to deploy Triangulation spyware via iMessage

https://www.bleepingcomputer.com/news/apple/apple-fixes-zero-days-used-to-deploy-triangulation-spyware-via-imessage/

The vulnerabilities in question, CVE-2023-32434 and CVE-2023-32435, were discovered and investigated by security company Kaspersky. They could allow an iPhone to be infected with spyware, letting an attacker obtain root privileges on the device and execute arbitrary code.

Kaspersky named the spyware deployed through these vulnerabilities "TriangleDB". TriangleDB is deployed after an attacker exploits a kernel vulnerability to gain root privileges on a targeted iOS device, but because TriangleDB is deployed in memory, all traces are lost when the device is rebooted. However, when the victim rebooted the device, the attacker was able to reinfect it with a zero-click attack by sending an iMessage containing a malicious attachment, allowing the attack to resume.



"We have confirmed reports that this issue may have been actively exploited against versions of iOS released before iOS 15.7," Apple said. On June 21, 2023, Apple distributed a patch.

According to Kaspersky, this attack began in 2019. Kaspersky reported in early June 2023 that some iPhones on Kaspersky's network were infected with unknown spyware (TriangleDB). Kaspersky told BleepingComputer that the attack affected its Moscow office and employees in other countries.

The Russian Federal Security Service (FSB) also issued a statement regarding TriangleDB after the Kaspersky report was released. The FSB said, "American intelligence agencies, working with Apple, installed malware to obtain information from Russian diplomats." The FSB said that thousands of iPhones of Russian government officials and embassy employees of Israel, China and NATO member countries were infected with malware.

"Apple cooperated with the US government to spy on Russia," the Russian Federal Security Agency claims, "Apple devices are spyware heaven" - GIGAZINE



In response to this view, an Apple spokesperson said, "We have never worked with the government to insert backdoors into Apple products, and we have no intention of working with them."

Kaspersky has shared a detailed analysis of TriangleDB following the distribution of the patch.

Dissecting TriangleDB, a Triangulation spyware implant | Securelist
https://securelist.com/triangledb-triangulation-implant/110050/



in Mobile, Software, Security, Posted by log1p_kr