
Hackers spy on Kaspersky staff using secret iPhone feature

28 December 2023


If only there were some good security software to stop that sort of thing

Hackers spied on Kaspersky's staff using a secret iPhone feature that only Apple and ARM knew about.

The shocking revelation was made by researchers who uncovered the details of a four-year-long cyberattack that targeted thousands of iPhones, including those of Russian diplomats and embassy workers.

The hackers exploited a vulnerability in a hidden hardware feature that no one outside of Apple and ARM, the chip makers, knew existed. The feature's purpose is still a mystery, but it gave the hackers unprecedented access to the iPhones, so it was probably something like the on-off button.

Kaspersky researchers learned of the secret hardware function only after months of extensive reverse engineering of devices infected with Triangulation. In the course of that work, the researchers' attention was drawn to what are known as hardware registers, which provide memory addresses for CPUs to interact with peripheral components such as USBs, memory controllers, and GPUs. MMIOs (memory-mapped I/Os) allow the CPU to write to the specific hardware register of a specific peripheral device.

The researchers said the hackers had advanced technical skills and may have learned of the feature by accident or by reverse engineering the hardware.

 “Triangulation”—the name Kaspersky gave to both the malware and the campaign that installed it—exploited four critical zero-day vulnerabilities. The company has since patched all four of the vulnerabilities.

The cyberattack was exposed in June, but it had been going on since at least 2019. The hackers sent malicious iMessage texts that installed spyware on the iPhones without the users' knowledge. The spyware recorded the users' voices, photos, locations, and other private data and sent them to the hackers' servers. The spyware was wiped out when the iPhones were rebooted, but the hackers kept sending new texts to keep the attack going.
