Apple Issues Update to Address Zero-Day Exploit on iPhones Targeted by Hackers
Apple has released an update to address a zero-day exploit affecting iPhones that were the target of an attack. The company believes the vulnerability lies within WebKit, Apple’s browser engine which powers Safari and other applications.
Apple users and security specialists alike should take note of this serious flaw: It allows arbitrary code execution, meaning a malicious website could take control of a user’s device without them knowing. This poses a major concern for both Apple users and hackers alike.
The Vulnerability
If you own an iPhone, it’s essential to keep it secure. Even with the latest iOS updates, hackers can still access your data or steal personal information. They may target your iPhone by stealing passwords, altering settings and installing malicious software.
Apple is warning consumers to update their iPhones, iPads and Mac computers due to a security flaw that could grant hackers complete control over your device. The flaw in Apple’s WebKit, which powers Safari web browser and iPhones and iPads running Big Sur or Catalina operating systems, allows hackers to execute arbitrary code with kernel privileges.
On Wednesday, Apple released an update that addressed this flaw and provided additional security measures for users. This update is available for iPhone 6s, 6S Plus, older models; iPad Pro (all models), iPad Air 2; Mac computers running MacOS Montecy operating systems.
In addition to the new security update, Apple also released a patch for an older vulnerability that could grant hackers full access to iPhones with Bluetooth Low Power Mode support. Bluetooth LPM is used for phone charging stations; however, if a phone has been jailbroken it allows hackers to view its internals and run spyware programs.
Other hacking techniques involve scam links and phishing websites. Be wary of public WiFi networks or clicking on suspicious links that may contain malicious content.
If you think your iPhone may have been compromised, run a security scan with top-tier antivirus software like Norton 360 to identify and fix the source of the issue. Doing so will protect you from further threats and notify you of any adjustments that need to be made in settings or apps on the device.
In addition to uninstalling any malicious apps and altering the settings on your phone, it’s also wise to reset the passwords for iCloud and Apple ID accounts. Create unique passwords for each account and change them regularly; alternatively, install a password manager on your iPhone for even easier management.
The Bug
Apple has issued an update to address a zero-day exploit that allows hackers to take control of iPhones and iPads. The issue was discovered within WebKit browser engine (which runs apps like Safari) as well as within the kernel of the operating system.
Apple issued a statement regarding this hack that could grant an attacker administrator access to devices by tricking victims into visiting maliciously designed websites. This would enable hackers to execute code on victims’ devices as if they were actually them.
Hackers could exploit this flaw to access sensitive data on users’ devices, such as their location, phone numbers and emails. They could potentially send messages or call the user without authorization and take pictures with the camera.
Apple has taken immediate action to resolve the bug. They released an emergency patch and are encouraging users to download it immediately in order to remain secure.
Apple has issued an emergency update in response to several zero-day vulnerabilities this year, including CVE-2022-22674 in Intel Graphics Driver and AppleAVD (CVE-2022-2275), both fixed earlier this year.
These vulnerabilities have been exploited by spyware companies, who break into a device’s web browser to steal sensitive information and spy on the victim. According to SocialProof Security, those in public visibility such as activists or journalists are particularly vulnerable to this kind of hacking.
Two bugs have been resolved in iOS 16.3.1, iPadOS 16.3.1, macOS Ventura 13.2.1 and Safari 16.3.1. To ensure you do not become the victim of this attack, users with iPhone 6s or later, iPad Pro models, Mac computers running macOS Monterey should download these updates immediately.
The company acknowledged an anonymous researcher for discovering the bugs, and expressed gratitude to Citizen Lab – a digital rights research group based at Toronto’s Munk School that has long been recognized for exposing government hacking practices.
Apple’s Response
Apple has released a critical update to address an exploit that hackers could have exploited to infect iPhones. The patch aims to address two vulnerabilities in the operating system’s kernel and WebKit libraries, which allow attackers to gain full control of a device.
The first vulnerability lies within WebKit, the engine behind Safari on Apple mobile devices. Security experts warn this flaw could be exploited to plant malware or spyware on any iPhone accessing a malicious website. This flaw would grant hackers access to sensitive user data such as location, contacts list, messages and microphone/camera input.
Apple issued a statement cautioning about the bugs being “potentially actively exploited,” but did not identify which threat actors are using them. Furthermore, it did not provide an exact number of iPhones affected by the issue.
One of the biggest risks posed by this bug is that it could be used to infect people’s devices without them knowing. However, researchers say this is unlikely as these types of attacks tend to be targeted and often sponsored by nation states. Citizen Lab, a Toronto-based research group which investigates nation state-backed spyware, hacking and cyberattacks, has high confidence that an Israeli hacker-for-hire firm named NSO Group was behind this attack.
Citizen Lab reports that hackers exploited this vulnerability to install spyware on an iPhone belonging to a Saudi activist. In a statement, it noted that they were able to do this by deceiving users into opening a PDF file on their device.
Rachel Tobac, CEO of social-media cybersecurity firm SocialProof, warned that the bug could have enabled hackers to impersonate a user and run any type of software on their phone. She advised those in the public eye such as journalists and activists to be especially wary when updating their phones.
These vulnerabilities are commonly referred to as “zero-day,” meaning vendors have been given zero days to fix them before they become widely exploited. As such, these flaws can be highly sought-after on the open market where cyberweapon brokers typically pay millions of dollars for them.
What is a Zero-Day Exploit?
Zero day exploits are security flaws that hackers identify and take advantage of before software developers have had a chance to fix them. These vulnerabilities have the potential to do serious harm, such as stealing data or taking down systems.
Zero day vulnerabilities are often caused by insecure computer or security settings or programming errors by developers themselves. When these flaws are discovered, software programmers usually take some time to analyze them and come up with a “patch” that fixes the vulnerability. The patch then gets integrated into an updated version of the software; however, hackers often take time to figure out how to exploit this flaw.
Zero day attacks are particularly hazardous due to this process, making a patch unlikely enough to protect against them.
Hackers typically discover zero-day vulnerabilities by scanning through the internet in search of vulnerable systems to attack. This can be done by searching for terms containing words such as “vulnerability,” “security,” or “bug.”
These searches might lead to sites where hackers can purchase or sell exploits that take advantage of a zero-day flaw to compromise a device. They’re also common in malware sold on darknet markets, hacking forums, and social media outlets.
Once a zero-day vulnerability is identified, it’s essential to patch the flaw immediately. Doing so will safeguard your data and systems from hackers who could use it to launch cyberattacks and steal personal information.
To protect against zero-day attacks, the best defense is to limit what applications you download, set a firewall and use antivirus software. You could also utilize a sandbox on your web browser to stop malware from invading its operating system.
Additionally, you can protect your data by becoming informed about zero-day attacks and understanding their usage. In addition to using antivirus software, avoid installing software whose manufacturer hasn’t authorized it for installation.
