Russian AV vendor Kaspersky has claimed that iOS devices on its network are being targeted by sophisticated zero-day exploits. The firm revealed in a blog post yesterday that “Operation Triangulation” likely dates back to 2019 and is ongoing.

“While monitoring the network traffic of our own corporate Wi-Fi network dedicated for mobile devices using the Kaspersky Unified Monitoring and Analysis Platform (KUMA), we noticed suspicious activity that originated from several iOS-based phones,” it explained.

“Since it is impossible to inspect modern iOS devices from the inside, we created offline backups of the devices in question, inspected them using the Mobile Verification Toolkit’s mvt-ios and discovered traces of compromise.”

The mvt-ios utility produced a timeline of events that enabled Kaspersky to recreate what happened. It appears that targeted devices were sent an iMessage featuring an attachment containing the exploit. This triggered a vulnerability leading to code execution, without requiring any user interaction – known as a “zero-click” attack. The malicious code in question then downloaded additional payloads from a command and control (C&C) server, including exploits for privilege escalation.