Apple’s iPhones Were Backdoored For Four Years Using The ‘Most Sophisticated Attack Chain’ Ever, Say Security Researchers

    Date:

    Loading…

    Loading…

    Apple Inc.’s AAPL iPhones were targeted by malicious parties for four years using the “most sophisticated attack chain” ever seen by cybersecurity researchers at Kaspersky.

    What Happened: Hackers exploited an advanced iMessage vulnerability using four zero-day exploits over the course of four years between 2019 and 2022, according to details revealed by Kaspersky.

    Initially discovered in June 2023, the security firm has now revealed more details about how this iPhone backdoor campaign was carried out and which iPhones and iOS versions were affected.

    See Also: Android Banking Trojan Chameleon Is Back With Enhanced Capabilities: It Can Now Disable Biometrics To Steal Your Passwords

    While the research firm says it has observed over 30 zero-day exploits in products and services from Adobe, Apple, Google, and Microsoft, this iPhone backdoor is “the most sophisticated attack chain we have ever seen.”

    A zero-day is a vulnerability that is not known to the owners or makers of the product or service. In this case, Apple was unaware of four zero-days affecting iMessage between 2019 and 2022.

    Apple fixed these vulnerabilities in iOS 16.2 that was released in December 2022. The company has also added an additional layer of hardware security in recent iPhones to prevent hackers from obtaining full control of the device, the research firm said.

    “Our guess is that this unknown hardware feature was most likely intended to be used for debugging or testing purposes by Apple engineers or the factory, or that it was included by mistake,” Kaspersky said, seeking help from iOS security researchers to decode a vulnerability that remains a mystery for now.

    Why It Matters: Apple’s iMessage has been a vector of attacks by malicious parties for a while now.

    One of the most prominent and advanced attacks, Pegasus, used a zero-day in iMessage to allow hackers to access the microphone, camera and other features of victims’ iPhones.

    Google’s Project Zero team of security researchers called it “one of the most technically sophisticated exploits we’ve ever seen.”

    Image Credits – Shutterstock

    Check out more of Benzinga’s Consumer Tech coverage by following this link.

    Read Next: How To Turn On Apple’s Stolen Device Protection On Your Shiny New iPhone

    Loading…

    Loading…

    Go Source

    Chart

    SignUp For Breaking Alerts

    New Graphic

    We respect your email privacy

    Share post:

    Popular

    More like this
    Related

    Deal Dispatch: Honeywell, Textron And Soho House Are Making M&A Moves

    New On The Block Honeywell HON is back at it...

    Johnson Averts Shutdown But Faces Growing Pressure From Right

    House conservatives are pressuring Speaker Mike Johnson after a...

    Google Announces Major Layoffs As Pichai Stresses Efficiency

    Google GOOGL has reduced its top management roles by...