Researchers Claim Emerging Flaw in Apple Devices Leads to Spyware Infection

Researchers Claim Emerging Flaw in Apple Devices Leads to Spyware Infection

A digital watchdog organization, Citizen Lab, reported on Thursday, Sep 7, that they had uncovered spyware associated with the Israeli company NSO. This spyware had taken advantage of a recently identified vulnerability in Apple devices.

According to Citizen Lab, they came across this vulnerability when examining the Apple device of an employee working for a civil society organization based in Washington. They revealed that the exploit had been used to infiltrate the device with NSO’s Pegasus spyware.

The vulnerability enabled attackers to compromise iPhones running the most recent iOS version (16.6) without requiring any interaction from the victim, as stated by the digital watchdog.

A senior researcher at Citizen Lab based at the University of Toronto’s Munk School of Global Affairs and Public Policy, John Scott-Railton, emphasized that civil society plays a crucial role in detecting advanced cyberattacks early. 

Citizen Labs Give Details on How the Spyware Hack Works

Citizen Lab disclosed that the two vulnerabilities have been utilized as part of a zero-click iMessage exploit chain called BLASTPASS, enabling the deployment of Pegasus on fully updated iPhones running iOS 16.6.

Citizen Lab noted that this exploit chain could compromise iPhones running the latest iOS version (16.6) without any action required from the victim. This exploit relied on PassKit attachments containing malicious images sent from the attacker’s iMessage account to the victim.

Here Are the Details of the Issues:

CVE-2023-41061: This flaw involves a problem in Wallet that could lead to arbitrary code execution when handling a malicious attachment.

CVE-2023-41064: This flaw is related to a buffer overflow issue in the Image I/O component, which could result in arbitrary code execution when processing a maliciously crafted image.

While Citizen Lab at the University of Toronto’s Munk School discovered CVE-2023-41064, Apple internally identified CVE-2023-41061 but received “assistance” from Citizen Lab in the process.

Due to ongoing exploitation, the lab has refrained from providing detailed technical information about the vulnerabilities. Nevertheless, it’s worth noting that the exploit is designed to bypass Apple’s BlastDoor sandbox framework, which is intended to mitigate zero-click attacks.

Citizen Lab revealed that these two vulnerabilities have been weaponized in a zero-click iMessage exploit chain called BLASTPASS, enabling the deployment of Pegasus on fully up-to-date iPhones running iOS 16.6.

Apple Responded to the Report by Releasing New Device Updates

Apple has responded to the vulnerabilities highlighted by Citizen Lab by releasing new device updates. These updates apply to the following devices and operating systems:

iOS 16.6.1 and iPadOS 16.6.1: iPhone 8 and newer, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later. macOS Ventura 13.5.2: macOS devices running macOS Ventura. watchOS 9.6.2: Apple Watch Series 4 and newer models

Citizen Lab has reiterated that advanced exploits and spyware from private entities are being used to target civil society groups. The company has also advised consumers to make sure their devices are up to date.

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *