Apple has announced on Wednesday that it has resolved two security deficiencies found in iPhones and iPads, which were exploited to hack devices in Russia. These flaws were part of a significant campaign that Russian intelligence attributed to the United States, Washington Post reported.
The credit for discovering these flaws goes to researchers from Kaspersky Lab, a Russian security software maker. Kaspersky had revealed three weeks ago that its senior employees were among the targeted individuals. Simultaneously, Russia's Federal Security Service (FSB) accused the National Security Agency (NSA) of being responsible, but no evidence or explanation was provided to support this claim. The NSA has not responded to this accusation.
According to Kaspersky, the attack method involved sending a malicious attachment via iMessage. Even without opening the message, the recipient's device would become infected, enabling the attacker to execute any desired code. Restarting the device would remove the infection, so experts recommend regular restarts. Apple's optional Lockdown Mode also protects against these attacks.
Kaspersky has now provided further information, disclosing that the malicious code installed after the infection had 24 commands. These commands included extracting passwords from Apple's Keychain, monitoring locations, and modifying or exporting files.
Georgy Kucherin from Kaspersky stated, "As we investigated the attack, we discovered a sophisticated iOS implant with numerous intriguing characteristics." Kaspersky named the attack "Triangulation" and has released tools, along with others, to help users check if their devices are infected.
Apple confirmed that the fixes would safeguard iPhones running iOS 15. 7 or older
Read more on tech.hindustantimes.com