A security researcher has discovered a zero-click remote system access exploit in the macOS version of NSO’s Pegasus surveillance software. The vulnerability can be used to gain full control over an iPhone, including making calls and sending messages with no user interaction required.
The “zero-click iMessage exploit” is a zero-click attack that NSO used to break into iMessage. The attack relied on GIF files to bypass Apple’s security measures.
After Citizen Lab exposed the NSO Group’s ForcedEntry hack of iMessage users, Google Project Zero’s Ian Beer and Samuel Groß published a thorough technical explanation of how the exploit works.
The researchers worked with Apple’s Security Engineering and Architecture (SEAR) team and Citizen Lab to obtain the ForcedEntry attack samples. They describe the hack as “one of the most technically complex exploits” they have ever encountered.
The attack is defined as a “zero-click” vulnerability, which means it does not need the user’s participation. In November, Apple increased its security by unveiling a new feature that alerts users if an attack is targeting them, as well as suing NSO and its parent firm OSY Technologies. In the same month, the United States put NSO on a trade blacklist.
The hack clearly demonstrates that NSO has capabilities previously assumed to be solely in the hands of a select few nation-states. The Pegasus software developed by NSO has been accused of targeting human rights activists and journalists on a large scale.
While these exploits originally required one tap from the victim, they now work on a zero-click basis, which means even the most tech-savvy targets are unaware they are being targeted, since the attack runs entirely in the background.
There is no way to avoid being exploited by such assaults other than not using a digital device at all, according to the researchers, who add that “it’s a weapon against which there is no defense.”
iMessage is the point of entry. GIF pictures, the brief, compressed animated graphics ubiquitous in meme culture, are supported natively in the app. However, the library that parses these pictures, ImageIO, is faulty: it guesses the real format of the source file and parses it accordingly, disregarding the file extension, which allowed NSO to disguise an attack as a GIF image.
GIFs in iMessage served as the entry point for the attack.
Pegasus works by hiding a PDF containing the malicious attack code inside these GIF files; the PDF then exploits an integer overflow vulnerability in Apple’s image processing engine, CoreGraphics.
On September 13th, Apple released iOS 14.8 to address the issue, which has been assigned the CVE number CVE-2021-3086. Furthermore, the iPhone maker told Project Zero researchers that beginning with iOS 14.8.1 on October 26 they limited the formats processed by ImageIO and removed the GIF code path altogether, and that decoding has taken place inside the BlastDoor sandbox since iOS 15.0 on September 20.
The researchers also noted that, although this vulnerability is limited to iMessage and hence to Apple devices, they are aware of comparable Android flaws. They do not, however, have a sample of one.
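As an added illustration (not code from the article, Apple or Project Zero), the following Python check mirrors the defensive lesson above: never trust an attachment’s extension, decide from the content’s leading bytes, and decode only an allow-list of formats. The signature table, filenames and sample header bytes are all constructed here.

```python
from typing import Optional
# Magic-byte signatures for the formats the article mentions (constructed table).
SIGNATURES = {
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpeg": (b"\xff\xd8\xff",),
}
# What an image pipeline may decode; PDF is deliberately excluded, in the
# spirit of Apple restricting the formats ImageIO will parse.
ALLOWED_IMAGE_FORMATS = {"gif", "png", "jpeg"}

def sniff_format(data: bytes) -> Optional[str]:
    """Format implied by the leading bytes, or None. Only offset 0 is checked;
    a parser that scans deeper for a header may still accept what we call unknown."""
    for fmt, magics in SIGNATURES.items():
        if any(data.startswith(m) for m in magics):
            return fmt
    return None

def check_attachment(filename: str, data: bytes) -> dict:
    """Compare the declared extension with the sniffed format and decide."""
    declared = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    declared = {"jpg": "jpeg"}.get(declared, declared)
    actual = sniff_format(data)
    if actual is None:
        verdict = "unknown"      # hand it to no decoder at all
    elif actual != declared:
        verdict = "mismatch"     # the extension lies about the content
    elif actual not in ALLOWED_IMAGE_FORMATS:
        verdict = "disallowed"   # genuine, but not a format we decode here
    else:
        verdict = "ok"
    return {"file": filename, "declared": declared, "actual": actual, "verdict": verdict}

# Constructed sample attachments: header bytes only, no real image or PDF body.
SAMPLES = {
    "meme.gif": b"GIF89a" + bytes(16),
    "sticker.gif": b"%PDF-1.7\n% constructed header, not a real document\n",
    "invoice.pdf": b"%PDF-1.4\n",
    "noise.gif": bytes(32),
}

def scan_samples() -> dict:
    """Verdict for every constructed sample, keyed by filename."""
    return {n: check_attachment(n, d)["verdict"] for n, d in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in scan_samples().items():
        print(f"{name:12s} {verdict}")
```

The "sticker.gif" case is the shape of the ForcedEntry sample: a file named as a GIF whose bytes announce a PDF, which a content-based check rejects before any decoder sees it.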
When he’s not writing, editing, shooting or hosting all things tech, he streams himself racing virtual vehicles. Yadullah may be reached by email, or you can follow him on Instagram or Twitter.