Apple Zero Click Spyware

User 3301

An Apple zero-click iMessage exploit allows an attacker to infect iPhones with spyware without any interaction from the end user. The vulnerability is associated with two CVEs that have recently been seen exploited in the wild. Security researchers refer to the exploit chain as BLASTPASS. BLASTPASS is being used to deploy the well-known commercial spyware PEGASUS onto fully patched iPhones. The observed exploits were said to have involved PassKit attachments containing malicious images, sent from an attacker's iMessage account to the victim.

The two CVEs for this exploit are CVE-2023-41064 and CVE-2023-41061. CVE-2023-41064 is a buffer overflow vulnerability triggered by a malicious image, and CVE-2023-41061 is a validation vulnerability that is exploited via a malicious attachment. These issues have been addressed in Apple's most recent software updates for each platform it offers.

Terminal Brew recommends requiring all users to update any Apple devices to the most recent software update, in addition to further educating users about threats associated with spyware, messaging platforms and common phishing techniques.

 

Further details about this vulnerability can be found at https://www.bleepingcomputer.com/news/security/apple-zero-click-imessage-exploit-used-to-infect-iphones-with-spyware/
