While Apple constantly works to improve the security of its devices, hackers are always looking for new ways to crack the security systems found in the iPhone, iPad, Mac, and other devices. Earlier this year, an exploit found in Apple’s WebKit (which is the Safari engine) allowed hackers to extract login information from iOS devices.
As first reported by Google’s Threat Analysis Group (via ArsTechnica), a zero-day exploit found in some versions of iOS 14 allowed SolarWinds hackers to redirect users to domains that ran malicious code on iPhones and iPads. The same hackers also targeted Windows users, according to the research.
The hacker group had been working working for the Russian Foreign Intelligence Service, who attacked devices belonging to the United States Agency for International Development. By using a malicious script, the hackers were able to send emails as if they were someone belonging to the US agency.
After some investigation, it was revealed that the same group of hackers was behind another zero-day exploit found on iOS devices. This exploit, identified as “CVE-2021-1879,” allowed hackers to collect login information from various websites, including Google, Microsoft, LinkedIn, Facebook, and Yahoo.
This exploit would turn off Same-Origin-Policy protections in order to collect authentication cookies from several popular websites, including Google, Microsoft, LinkedIn, Facebook and Yahoo and send them via WebSocket to an attacker-controlled IP. The victim would need to have a session open on these websites from Safari for cookies to be successfully exfiltrated.
For those unfamiliar with the term, a zero-day exploit is basically a newly discovered v ..
Support the originator by clicking the read the rest link below.
