Begin typing your search...

    Researchers find flaw in Apple's SoC that contributed to recent iPhone attacks

    According to the global cybersecurity firm Kaspersky, the discovered vulnerability is a hardware feature, possibly based on the principle of “security through obscurity,” and may have been intended for testing or debugging.

    Researchers find flaw in Apples SoC that contributed to recent iPhone attacks
    X

    Representative image

    NEW DELHI: A team of researchers has discovered a vulnerability in Apple System on a chip, or SoC, that has played a critical role in the recent iPhone attacks, known as Operation Triangulation, allowing attackers to bypass the hardware-based memory protection on iPhones running iOS versions up to iOS 16.6, a new report said on Friday.

    According to the global cybersecurity firm Kaspersky, the discovered vulnerability is a hardware feature, possibly based on the principle of “security through obscurity,” and may have been intended for testing or debugging.

    Following the initial 0-click iMessage attack and subsequent privilege escalation, the attackers leveraged this hardware feature to bypass hardware-based security protections and manipulate the contents of protected memory regions.

    This step was crucial for obtaining full control over the device. Apple addressed the issue, identified as CVE-2023-38606, the report mentioned.

    “This is no ordinary vulnerability. Due to the closed nature of the iOS ecosystem, the discovery process was both challenging and time-consuming, requiring a comprehensive understanding of both hardware and software architectures," said Boris Larin, Principal Security Researcher at Kaspersky’s GReAT.

    "What this discovery teaches us once again is that even advanced hardware-based protections can be rendered ineffective in the face of a sophisticated attacker, particularly when there are hardware features allowing to bypass these protections,” he added.

    As per the researchers, this feature was not publicly documented, presenting a significant challenge in its detection and analysis using conventional security methods.

    The researchers conducted extensive reverse engineering, meticulously analysing the iPhone's hardware and software integration, with a particular emphasis on Memory-Mapped I/O, or MMIO, addresses, which are critical for facilitating efficient communication between the CPU and peripheral devices in the system.

    Unknown MMIO addresses, used by the attackers to bypass the hardware-based kernel memory protection, were not identified in any device tree ranges, presenting a significant challenge, the report explained.

    “Operation Triangulation” is an Advanced Persistent Threat (APT) campaign targeting iOS devices. This sophisticated campaign employs zero-click exploits distributed via iMessage, enabling attackers to gain complete control over the targeted device and access user data.

    IANS
    Next Story