You are here
Apple users may be under threat from this dangerous spyware. (Unsplash)News 

Urgent Warning: Update Your Apple Devices Immediately!

Adriana Marais , , ,

Apple products are under threat from a frightening spyware that endangers users. Kaspersky has reported that spyware has been detected on iPhones belonging to employees in its Moscow office and other nations. The spyware exploits iMessage zero-click vulnerabilities and capitalizes on iOS glitches.

How does it work? Kaspersky’s report suggested that after gaining root access to targeted iPhone or iOS devices by exploiting a kernel vulnerability, attackers install an implant called TriangleDB. This implant runs in the device’s memory, ensuring that all evidence of its existence is erased upon reboot. As a result, if the victim reboots their device, the attackers have to re-infect it by sending an iMessage with a malicious attachment, which restarts the entire exploit process. However, if there is no reboot, the implant will uninstall itself after 30 days, unless the attackers extend this time.

Who are at risk

A report by BleepingComputer shared a list of Apple products affected by the zero-day vulnerability. Check here:

  • iPhones: iPhone 8 and later iPhone models, iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation),
  • iPad: all iPad Pro models, iPad Air 3rd Gen and later, iPad 5th Gen and later, iPad mini 5th Gen and later, iPad Air 2, iPad mini (4th generation).
  • iPod: iPod touch (7th generation)
  • Macs: Macs running macOS Big Sur, Monterey, and Ventura
  • Apple Watch: Apple Watch Series 4 and later, Apple Watch Series 3, Series 4, Series 5, Series 6, Series 7 and SE

Should you be worried?

On June 22, Apple released updates for CVE-2023-32434 (Kernel) and CVE-2023-32435 (WebKit) in the natural zero days of iOS Triangulation attacks, Kaspersky researcher Boris Larin said.

That’s why you should update your iPhone, iPad, Mac or Apple Watch to get rid of spyware on your device.

A new threat ahead!

Meanwhile, the US Cyber Defense Agency CISA included an additional vulnerability in its list of known exploited vulnerabilities (KEV). This newly discovered flaw is a critical pre-authentication command injection flaw (CVE-2023-27992) that allows unauthenticated attackers to execute operating system commands on unpatched network-attached storage (NAS) devices exposed to the Internet. the report explained.

Following this recent update, federal agencies have been urged to protect sensitive devices against the newly identified vulnerabilities before June 14, 2023.

Related posts

Leave a Comment