cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Champion

A very deep dive into iOS Exploit chains found in the wild

Project Zero team bug hunter Ian Beer explained how the collection of fourteen vulnerabilities in various components of the OS, ranging from the browser to the kernel, were chained together to covertly launch spyware on the machines of anyone who visited one of a group of "watering hole" sites.

Those exploits, designed to compromise new versions and models of the iPhone and iOS as they were released, from the iPhone 5s to the X, appeared in various combinations that were active on the sites for over two years prior to being discovered and patched.

 

All that users can do is be conscious of the fact that mass exploitation still exists and behave accordingly; treating their mobile devices as both integral to their modern lives, yet also as devices which when compromised, can upload their every action into a database to potentially be used against them.