Home / Early Warning / Cybersecurity Highlights / Google reveals how an iOS malware campaign works

Google reveals how an iOS malware campaign works

08/29/2019

In early 2019, Google’s Threats Analysis Group (TAG) notified Apple about 14 vulnerabilities affecting iPhone devices from versions iOS 10 to iOS 12. This vulnerabilities was patched on out-of-band release of iOS 12.1.4 on 7 Feb 2019.

To get infected it was enough to visit a compromised web site, and from de web server, the device was infected and a monitoring tool was installed.

After analyzing it, Google has published a series of articles explaining the magnitude and functioning of the 5 different exploits chains used in this malware campaign. This vulnerabilities affected to different system software tools, with 7 of them affecting to iPhone web browser, five affecting the kernel, and two allowing sandbox escapes. Being this two last ones 0-day vulnerabilities (CVE-2019-7287 y CVE-2019-7286).