Researchers discovered an actively exploited zero-click vulnerability that was part of an exploit chain aimed at deploying NSO Group’s Pegasus malware.
One of the most potent tools now on the market is Pegasus, which is quite strong. The level of competition among surveillance suppliers has also risen.
The capabilities of the Pegasus malware allow its operators access to and the ability to perform on any infected Android and iOS devices microphone recording, emails, SMS, location information, network information, browsing history, and many more.
According to Citizen Lab, the exploit chain could infect iPhones running the most recent version of iOS (16.6) without the victim’s involvement.
The researchers reported the vulnerability to Apple, which issued a fix on Thursday to address two zero-day exploits.
The BLASTPASS Exploit Chain
This exploit chain is referred to as BLASTPASS by Citizen Lab researchers. Last week, researchers discovered this zero-click vulnerability being actively utilized to distribute NSO Group’s Pegasus mercenary malware while inspecting the device of a person employed by a Washington DC-based civil society organization with international offices.
“The exploit involved PassKit attachments containing malicious images sent from an attacker iMessage account to the victim”, according to the information shared with Cyber Security News.
PassKit is a framework that enables app developers to integrate Apple Pay.
Citizen Lab quickly informed Apple of its findings and helped with their investigation. Apple released two CVEs (CVE-2023-41064 and CVE-2023-41061) in connection with this exploit chain.
This most recent discovery reveals once more how extremely sophisticated attacks and mercenary malware target civic society.
Apple’s upgrade will protect devices owned by regular users, businesses, and governments worldwide.
The BLASTPASS disclosure emphasizes the importance of aiding civil society organizations in our nation’s cybersecurity.
Update Now
Enabling Lockdown Mode is advised for everyone since it blocks this attack. Lockdown Mode is believed to prevent this specific attack, and Apple’s Security Engineering and Architecture team has verified this.
“We urge all at-risk users to consider enabling Lockdown Mode as we believe it blocks this attack”, Citizen Lab said.
Hence, all iPhone users are urged to update their devices right away.
Source: https://cybersecuritynews.com/iphone-zero-click-zero-day-exploited/
