Researchers find flaw in Apple's SoC that contributed to recent iPhone attacks


New Delhi, Dec 29 (IANS): A team of researchers has discovered a vulnerability in Apple System on a chip, or SoC, that has played a critical role in the recent iPhone attacks, known as Operation Triangulation, allowing attackers to bypass the hardware-based memory protection on iPhones running iOS versions up to iOS 16.6, a new report said on Friday.

According to the global cybersecurity firm Kaspersky, the discovered vulnerability is a hardware feature, possibly based on the principle of “security through obscurity,” and may have been intended for testing or debugging.

Following the initial 0-click iMessage attack and subsequent privilege escalation, the attackers leveraged this hardware feature to bypass hardware-based security protections and manipulate the contents of protected memory regions.

This step was crucial for obtaining full control over the device. Apple addressed the issue, identified as CVE-2023-38606, the report mentioned.

“This is no ordinary vulnerability. Due to the closed nature of the iOS ecosystem, the discovery process was both challenging and time-consuming, requiring a comprehensive understanding of both hardware and software architectures," said Boris Larin, Principal Security Researcher at Kaspersky’s GReAT.

"What this discovery teaches us once again is that even advanced hardware-based protections can be rendered ineffective in the face of a sophisticated attacker, particularly when there are hardware features allowing to bypass these protections,” he added.

As per the researchers, this feature was not publicly documented, presenting a significant challenge in its detection and analysis using conventional security methods.

The researchers conducted extensive reverse engineering, meticulously analysing the iPhone's hardware and software integration, with a particular emphasis on Memory-Mapped I/O, or MMIO, addresses, which are critical for facilitating efficient communication between the CPU and peripheral devices in the system.

Unknown MMIO addresses, used by the attackers to bypass the hardware-based kernel memory protection, were not identified in any device tree ranges, presenting a significant challenge, the report explained.

“Operation Triangulation” is an Advanced Persistent Threat (APT) campaign targeting iOS devices. This sophisticated campaign employs zero-click exploits distributed via iMessage, enabling attackers to gain complete control over the targeted device and access user data.

 

  

Top Stories


Leave a Comment

Title: Researchers find flaw in Apple's SoC that contributed to recent iPhone attacks



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.