Google has identified a series of cyber attempts on Apple consumers’ Macs and iPhones. According to the tech titan, the hackers behind the attack are “a highly-resourced gang,” and the effort may be sponsored by the government as well.
Moreover, Google’s Threat Advisory Group (TAG) discovered the finding, which was announced in a recent blog post. According to the report, Google’s TAG team noticed the assaults in late August of this year. Apple was swiftly notified about the zero-day assaults, and the firm has already released a remedy for them.
On Apple devices, the attacks targeted two key vectors: macOS Catalina and Safari on iOS and macOS. The first was hacked by CVE-2021-30869, a zero-day vulnerability (or previously undiscovered vulnerability). TAG notified Apple about the security flaw, and Apple issued a fix on September 23. The attacks against Safari took use of previously known security flaws in the WebKit rendering engine.
According to the Google security team, these were “watering hole” attacks, which meant they were directed at a specific set of end-users via compromised websites that such individuals were known to frequent. In this example, the websites were those of a Hong Kong media outlet and a political organisation.
The target audience consisted of Apple device users who were interested in learning about the political situation in Hong Kong.
When a target user visited these websites, the attackers used the aforementioned vulnerabilities to install a backdoor on their PCs. According to TAG’s article, this backdoor might be used for a variety of operations, including audio and screen capture, file download and upload, capturing everything typed (through a keylogger), and running terminal commands on the target machine.
According to the blog article, Apple has installed “generic defences in Big Sur” to defend the operating system from the hack. The vulnerabilities are thus limited to Catalina, but because Apple still maintains the OS, it was required to deploy security fixes for it. Google acknowledged “Apple’s prompt reaction” in the blog and thanked the business for “patching this significant issue.”
Google has recently been aggressive in discovering such zero-day vulnerabilities on its own and other platforms. The firm corrected zero-day vulnerabilities in Chrome that affected Windows, Mac, and Linux users in September with the release of the Chrome 94.0.4606.61 stable channel. You may learn more about the important patch by clicking here.