{"id":978,"date":"2023-09-12T07:52:51","date_gmt":"2023-09-12T07:52:51","guid":{"rendered":"https:\/\/cybersecuritynest.com\/?p=978"},"modified":"2023-09-12T07:52:51","modified_gmt":"2023-09-12T07:52:51","slug":"the-apple-zero-click-imessage-exploit-that-spread-spyware-to-iphones","status":"publish","type":"post","link":"https:\/\/cybersecuritynest.com\/?p=978","title":{"rendered":"The Apple zero-click iMessage Exploit that spread spyware to iPhones"},"content":{"rendered":"<p>According to Citizen Lab, a zero-click exploit chain known as BLASTPASS was used to actively exploit two zero-days that Apple fixed today in emergency security updates to install commercial spyware from NSO Group on fully patched iPhones.<\/p>\n<p>The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061, allowed the attackers to 
infect a fully patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachments containing malicious images.<\/p>\n<p>&#8220;The exploit chain is referred to as BLASTPASS by us,&#8221; Citizen Lab stated. &#8220;The exploit chain was capable of compromising iPhones running the most recent version of iOS (16.6) without the victim&#8217;s interaction.&#8221;<\/p>\n<p>&#8220;The adventure included PassKit connections containing malevolent pictures sent from an assailant iMessage record to the person in question.&#8221;<\/p>\n<p>Citizen Lab also urged Apple users to update their devices immediately and encouraged those at risk of targeted attacks because of who they are or what they do to enable Lockdown Mode.<\/p>\n<p>The two zero-days were discovered in the Image I\/O and Wallet frameworks by security researchers from Citizen Lab and Apple. CVE-2023-41064 is a buffer overflow that occurs when maliciously crafted images are processed, and CVE-2023-41061 is a validation issue that can be exploited by malicious attachments.<\/p>\n<p>Both allow threat actors to execute unauthorized code on unpatched iPhone and iPad devices.<\/p>\n<p>Apple fixed the flaws in macOS Ventura 13.5.2, iOS 16.6.1, iPadOS 16.6.1, and watchOS 9.6.2 with improved logic and memory handling.<\/p>\n<p>The following devices are on the affected list:<\/p>\n<p>iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later<\/p>\n<p>Apple has fixed a total of 13 zero-days exploited to target devices running iOS, macOS, iPadOS, and watchOS since the beginning of the year, including:<\/p>\n<p>two zero-days in July (CVE-2023-37450 and CVE-2023-38606),<\/p>\n<p>three zero-days in June (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439),<\/p>\n<p>four zero-days in May (CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373),<\/p>\n<p>and another WebKit zero-day 
in February (CVE-2023-23529).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to Citizen Lab, a zero-click exploit chain known as BLASTPASS was used to actively exploit two zero-days that Apple fixed today in emergency security updates to install commercial spyware from NSO Group on fully patched iPhones. 
The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061, allowed the attackers to infect a fully patched iPhone running [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":902,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":"","_links_to":"","_links_to_target":""},"categories":[10],"tags":[162],"class_list":["post-978","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vul-mal","tag-twitter"],"aioseo_notices":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts\/978"}],"collection":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=978"}],"version-history":[{"count":1,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts\/978\/revisions"}],"predecessor-version":[{"id":979,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/posts\/978\/revisions\/979"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=\/wp\/v2\/media\/902"}],"wp:attachment":[{"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=978"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=978"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/
cybersecuritynest.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=978"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}