The security group says the mitigation may have been actively used since February 2021. The security exploit targets Apple’s image rendering library, called CoreGraphics, causing an integer overflow. These weren't just zero-day attacks, but also zero-click exploits, meaning they needed no intervention from the user to infect the device. This was how the FORCEDENTRY exploit chain infected the device with the Pegasus surveillance tech. The malicious files contained some arbitrary code that caused crashes on the phone, allowing it to be hacked. What's interesting here is that these files weren't actually GIFs, some of them were Adobe PSD files and others were PDFs. GIF files were present in the phone's iMessage app, and these had been received just before the device had been compromised.
Citizen Lab extracted a backup of the device from iTunes, and began analyzing its contents.
0 kommentar(er)
