Apple iOS Vulnerabilities – Zero Day Attacks

August 12, 2016 Ahmed Mansour, human rights defender of the United Arab Emirates, received a malicious SMS message on his iPhone 6 (running iOS 9.3.3). The team at the Citizen Lab of the University of Toronto came to the conclusion that Mansoor had been targeted by a combined package of three zero-day exploits capable of taking control of his phone, and spying on his emails, text messages, calls, and contact lists – an assault Which Lookout’s vice president of security research and response, Mike Murray described as showing “an incredible level of sophistication and commitment.”, analyzing this message.

 


This attack chains is three zero-day attacks together to produce a “one-click jailbreak” of an iOS device.

1. Phishing attack . The hacker uses SMS text messaging or email to send their target a baited link, with suitable inducements to click on it.
2. The CVE-2016-4656: Kernel Information Leak vulnerability , which allows the attacker to calculate the location of the iOS system kernel in the device’s memory.
3. Trident kicks in once the kernel has been located and involves the CVE-2016-4657 weakness, which consists of 32 and 64-bit iOS kernel-level vulnerabilities allowing an attacker to jailbreak a device on the quiet, enjoy read/write privileges, and install their own surveillance software affecting Apple’s own brand and third-party applications.

 

Apple responded quickly enough to the results of the analysis of the University of Toronto’s Citizen Lab and released an update to iOS 9.3.5, which is strongly recommended for all iPhone or iPad users to download using Settings> General> Software Update. Besides upgrading to iOS 9.3.5, users suspecting a Trident/Pegasus infection have been advised to install the Lookout 4.4.8 app to check if their devices have already been compromised.
In conclusion, I would like to note that the Researchers at North Carolina State University, TU Darmstadt in Germany and the University of Bucharest, are on the lookout for their findings on vulnerabilities in the iOS “sandbox” feature at an upcoming security conference in Vienna. Their studies have apparently thrown up multiple weaknesses capable of allowing attackers to compromise iOS devices in various ways, using third-party apps.

 

More.