Thursday, December 28, 2023

Operation Triangulation Details

Dan Goodin (Hacker News):

Researchers on Wednesday presented intriguing new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.

[…]

The mass backdooring campaign, which according to Russian government officials also infected the iPhones of thousands of people working inside diplomatic missions and embassies in Russia, came to light in June. Over a span of at least four years, Kaspersky said, the infections were delivered in iMessage texts that installed malware through a complex exploit chain without requiring the receiver to take any action.

[…]

With that, the devices were infected with full-featured spyware that, among other things, transmitted microphone recordings, photos, geolocation, and other sensitive data to attacker-controlled servers. Although infections didn’t survive a reboot, the unknown attackers kept their campaign alive simply by sending devices a new malicious iMessage text shortly after devices were restarted.

Boris Larin (video, Hacker News):

This presentation was also the first time we had publicly disclosed the details of all exploits and vulnerabilities that were used in the attack. We discover and analyze new exploits and attacks using these on a daily basis, and we have discovered and reported more than thirty in-the-wild zero-days in Adobe, Apple, Google, and Microsoft products, but this is definitely the most sophisticated attack chain we have ever seen.

[…]

Various peripheral devices available in the SoC may provide special hardware registers that can be used by the CPU to operate these devices. For this to work, these hardware registers are mapped to the memory accessible by the CPU and are known as “memory-mapped I/O (MMIO)”.

[…]

I discovered that most of the MMIOs used by the attackers to bypass the hardware-based kernel memory protection do not belong to any MMIO ranges defined in the device tree. The exploit targets Apple A12–A16 Bionic SoCs, targeting unknown MMIO blocks of registers that are located at the following addresses: 0x206040000, 0x206140000, and 0x206150000.

[…]

This is no ordinary vulnerability, and we have many unanswered questions. We do not know how the attackers learned to use this unknown hardware feature or what its original purpose was. Neither do we know if it was developed by Apple or it’s a third-party component like ARM CoreSight.
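The check Larin describes, an MMIO address that no device-tree node declares, is easy to automate. The following is an added illustration, not code from Larin's write-up or Kaspersky: the device-tree ranges are constructed placeholders (not real Apple SoC layouts), and the three audited addresses are the ones named in the quote.

```python
# Added example (not from Larin's post): audit MMIO addresses against the
# register ranges a device tree declares and report the ones that fall
# outside every declared range, i.e. registers no known peripheral owns.

# Constructed device-tree excerpt: (node name, base, size). These values are
# placeholders for illustration only, NOT a real Apple SoC register map.
DEVICE_TREE_REGS = [
    ("aic",      0x20E100000, 0x00008000),
    ("uart0",    0x20E1C0000, 0x00004000),
    ("dart-sio", 0x20A000000, 0x00004000),
    ("gpio",     0x20F100000, 0x00100000),
]

# The register blocks named in Larin's analysis (from the quote above).
TRIANGULATION_MMIO = [0x206040000, 0x206140000, 0x206150000]


def find_owner(addr, regs):
    """Return the device-tree node whose reg range covers addr, or None."""
    for name, base, size in regs:
        if base <= addr < base + size:  # end is exclusive
            return name
    return None


def audit_mmio(addrs, regs):
    """Map each address to its owning node, or to None if no node declares it."""
    return {addr: find_owner(addr, regs) for addr in addrs}


def undeclared(addrs, regs):
    """Addresses no device-tree node claims: these deserve closer inspection."""
    return [a for a, owner in audit_mmio(addrs, regs).items() if owner is None]


if __name__ == "__main__":
    # 0x20E1C0010 is a constructed in-range address to show the positive case.
    sample = TRIANGULATION_MMIO + [0x20E1C0010]
    for addr, owner in audit_mmio(sample, DEVICE_TREE_REGS).items():
        print(f"{addr:#x}: {owner or 'NOT DECLARED in device tree'}")
```

Against a real device tree the declared ranges would be read from the `reg` properties of each node; the classification logic is unchanged.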

Bill Toulas:

The four flaws that constitute the highly sophisticated exploit chain and which worked on all iOS versions up to iOS 16.2 are:

  • CVE-2023-41990: A vulnerability in the ADJUST TrueType font instruction allowing remote code execution through a malicious iMessage attachment.
  • CVE-2023-32434: An integer overflow issue in XNU's memory mapping syscalls, granting attackers extensive read/write access to the device's physical memory.
  • CVE-2023-32435: Used in the Safari exploit to execute shellcode as part of the multi-stage attack.
  • CVE-2023-38606: A vulnerability using hardware MMIO registers to bypass the Page Protection Layer (PPL), overriding hardware-based security protections.

Nick Heer:

As you might recall, Russian intelligence officials claimed Apple assisted the NSA to build this malware — something which Apple has denied and, it should be noted, no proof has been provided for Apple’s involvement or the NSA’s. It does not appear there is any new evidence which would implicate Apple. But it is notable that it relied on an Apple-specific TrueType specification, and bypasses previously undisclosed hardware memory protections. To be clear, neither of those things increases the likelihood of Apple’s alleged involvement in my mind. It does show how disused or seemingly irrelevant functions remain vulnerable and can be used by sophisticated and likely state-affiliated attackers.


Update (2024-01-05): See also: Bruce Schneier.

3 Comments

Here's some further information from Hector Martin (of Asahi Linux fame) on some background of that exploit https://social.treehouse.systems/@marcan/111655847458820583

That's just another example of why the Apple banner at Las Vegas was just bullshit due to vanity.

https://www.iphoneincanada.ca/2019/01/05/apple-las-vegas-iphone/

Calling the access to the undocumented backdoor a "vulnerability" makes it sound like this wasn't by design. This was not a vulnerability. It was an outright backdoor, put there intentionally to allow unfettered R/W access to the device for those who knew precisely how to access it, and had the keys to the kingdom in the form of the SBOX hash required to enable it.
