Skip to main content

3 iOS 0-days, a cellular network compromise, and HTTP used to infect an iPhone

posted onSeptember 25, 2023
by l33tdawg
Arstechnica
Credit: Arstechnica

Apple has patched a potent chain of iOS zero-days that were used to infect the iPhone of an Egyptian presidential candidate with sophisticated spyware developed by a commercial exploit seller, Google and researchers from Citizen Lab said Friday.

The previously unknown vulnerabilities, which Apple patched on Thursday, were exploited in clickless attacks, meaning they didn’t require a target to take any steps other than to visit a website that used the HTTP protocol rather than the safer HTTPS alternative. A packet inspection device sitting on a cellular network in Egypt kept an eye out for connections from the phone of the targeted candidate and, when spotted, redirected it to a site that delivered the exploit chain, according to Citizen Lab, a research group at the University of Toronto’s Munk School.

Citizen Lab said the attack was made possible by participation from the Egyptian government, spyware known as Predator sold by a company known as Cytrox, and hardware sold by Egypt-based Sandvine. The campaign targeted Ahmed Eltantawy, a former member of the Egyptian Parliament who announced he was running for president in March. Citizen Lab said the recent attacks were at least the third time Eltantawy’s iPhone has been attacked. One of them, in 2021, was successful and also installed Predator.

Source

Tags

Industry News Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th