Russian hackers exploit vulnerability to invade fully updated iPhones9
Last year, a group of Russian intelligence official executed a successful cyberattack on SolarWinds, a giant information technology firm in the United States. After compromising the company software, the Russians' attack further spread to the SolarWinds customers, spying and wreaking havoc undetected for months before the breach was discovered.
Ars Technica reports, this time going after fully updated iPhones, which are widely considered the most secure of mass consumer smartphones.It seems the hackers are now back with a vengeance,
Many "ultra-secure" iOS 14 Apple devices have been compromised
According to information from both Google and Microsoft, these same culprits managed to get their hands on an iOS 14 zero-day, which they exploited for the purpose of carrying out an e-mail campaign seeking to steal Western European government credentials for web authentication.
A zero-day, as spy-movie sounding as it is, is simply a software vulnerability which has only just become known, resulting in its developer or owner having "zero days" to fix it upon learning of it. A zero-day attack is when a malicious party exploits that vulnerability before the developer has a chance to patch it.
The zero-day vulnerability in this case (code-named CVE-2021-1879) lay in the Webkit browser engine that is used by Safari along with Mail on iOS and the App Store (among others). What the Russian hacker group—known as Nobelium—did was send LinkedIn messages to US government official, which contained links that installed malicious payloads on their victims' devices.
Unfortunately, the vulnerability was present even in fully updated iPhones, resulting in the compromisation of many government handsets before its discovery.
Apart from hacking iPhones and Solar Winds last year, Nobelium has also been discovered interfering with the 2020 Presidential Election in the United States, as well as penetrating and launching an attack against USAID (United States Agency for International Development) in recent months.
It was the head of Google's Threat Analysis Group, Shane Huntley, who first made the connection confirming that the iOS zero-day hackers were the same group involved in the USAID cyberattack. Applehas yet to make any comment on the situation.