Zero-click iOS malware attack via iMessage infects iPhones running iOS 15.7 and earlier – Kaspersky appeared first on MacDailyNews. Zero-click iOS malware attack via iMessage infects iPhones running iOS 15.7 and earlier – Kaspersky appeared first on MacDailyNews. Zero-click iOS malware attack via iMessage infects iPhones running iOS 15.7 and earlier – Kaspersky appeared first on MacDailyNews. Zero-click iOS malware attack via iMessage infects iPhones running iOS 15.7 and earlier – Kaspersky appeared first on MacDailyNews.
Antivirus provider Kaspersky has discovered a malware campaign targeting iPhones running up to iOS 15.7 via iMessage. Importantly, this zero-click/tap malware can be found and blocked. Kaspersky: ince it is

Antivirus provider Kaspersky has discovered a malware campaign targeting iPhones running up to iOS 15.7 via iMessage. Importantly, this zero-click/tap malware can be found and blocked.

bits

Kaspersky:

ince it is impossible to inspect modern iOS devices from the inside, we created offline backups of the devices in question, inspected them using the Mobile Verification Toolkit’s mvt-ios and discovered traces of compromise.

We are calling this campaign “Operation Triangulation”, and all the related information we have on it will be collected on the Operation Triangulation page.

This allowed [us] to move the research forward, and to reconstruct the general infection sequence:

• The target iOS device receives a message via the iMessage service, with an attachment containing an exploit.
• Without any user interaction, the message triggers a vulnerability that leads to code execution.
• The code within the exploit downloads several subsequent stages from the C&C server, that include additional exploits for privilege escalation.
• After successful exploitation, a final payload is downloaded from the C&C server, that is a fully-featured APT platform.
• The initial message and the exploit in the attachment is deleted

The malicious toolset does not support persistence, most likely due to the limitations of the OS. The timelines of multiple devices indicate that they may be reinfected after rebooting. The oldest traces of infection that we discovered happened in 2019. As of the time of writing in June 2023, the attack is ongoing, and the most recent version of the devices successfully targeted is iOS 15.7.

The analysis of the final payload is not finished yet. The code is run with root privileges, implements a set of commands for collecting system and user information, and can run arbitrary code downloaded as plugin modules from the C&C server.

It is important to note, that, although the malware includes portions of code dedicated specifically to clear the traces of compromise, it is possible to reliably identify if the device was compromised. Furthermore, if a new device was set up by migrating user data from an older device, the iTunes backup of that device will contain the traces of compromise that happened to both devices, with correct timestamps.

MacDailyNews Take: In the full blog post, Kaspersky has a somewhat technical way to identify and strip to malware from backups, but, if your device allows, update to iOS 16.5 (released May 18, 2023) ASAP.

Please help support MacDailyNews. Click or tap here to support our independent tech blog. Thank you!

Support MacDailyNews at no extra cost to you by using this link to shop at Amazon.

The post Zero-click iOS malware attack via iMessage infects iPhones running iOS 15.7 and earlier – Kaspersky appeared first on MacDailyNews.


You may also be interested in this

3 Reasons to Watch: Bad S…

Here's why you should stream "Bad Sisters," the Irish black comedy that racked up awards after its spectacular first season on Apple TV+. (via Cult of Mac - Tech and

Apple Now Accepting Trade…

Apple is now allowing customers to trade-in a Mac Studio, 13-inch M2 MacBook Air, and 13-inch M2 MacBook Pro for credit towards new Apple product purchases. As part of Apple's

Top Stories: iPhone 17 Co…

We're less than two months away from the official unveiling of the iPhone 17 family, and it seems like things are starting to firm up about just which color options

iPhone 15 Pro Max Likely …

Apple's upcoming iPhone 15 Pro models will likely be more expensive than the current models, according to Tim Long, an analyst at British bank Barclays. Long said this information is

Apple Unveils macOS 15 Se…

Apple at WWDC today announced macOS 15 Sequoia, featuring several of the new capabilities introduced in iOS 18 in addition to a new Continuity feature called iPhone Mirroring. ‌iPhone‌ Mirroring

Apple Hopes iOS 18 AI Fea…

Apple wants to ship a minimum of 90 million iPhone 16 models in 2024, reports Bloomberg. Apple is telling its suppliers and partners that it is aiming for 10 percent

Huge List of Black Friday…

Black Friday is the best time of the year to shop for tech accessories, and right now you can find some of the year's best deals offered by companies like

Even with so many demonst…

In the year 2023, it's hard to imagine there's still room for Apple to "disrupt" anything anymore, but the company aimed high with its first augmented reality headset and managed
X

A whimsical homage to the days in black and white, celebrating the magic of Mac OS. Dress up your blog with retro, chunky-grade pixellated graphics to evoke some serious computer nostalgia. Supports a custom menu, custom header image, custom background, two footer widget areas, and a full-width page template. I updated Stuart Brown's 2011 masterpiece to meet the needs of the times, made it responsive , got dark mode, custom search widget and more.You can download it from tigaman.com, where you can also find more useful code snippets and plugins to get even more out of wordpress.