On Monday, Apple released an update to its mobile operating system for iOS and iPads. This fixed a flaw that the company said could have been “exploited in a very sophisticated attack on a particular targeted individual.”
In release notes for iOS 18.3.1 and iPads 18.3.1, the company said the vulnerability would allow USB restriction mode to be disabled “on locked devices.” Introduced in 2018, the USB Restriction Mode is a security feature that blocks the ability for your iPhone or iPad to send data over a USB connection if the device is not unlocked for 7 days. Last year, Apple released another security feature that restarts devices if they are not unlocked for 72 hours, and uses law enforcement or law enforcement or forensic tools to access data on those devices. It’s become more difficult.
Apple suggests that attacks are most likely to be carried out under physical control of a person’s device, based on the language used in the security update. This means that anyone who abused this flaw had to connect to a person’s Apple device with forensic devices such as Cellebrite or Graykey. , two systems that allow law enforcement to unlock and access data stored on iPhones and other devices.
The vulnerability was discovered by Billmarcak, a senior researcher at the University of Toronto Group’s Citizen Lab, which investigates cyberattacks on civil society.
inquiry
Is there any more information about this flaw or other iPhone zero-day or cyberattacks? From non-work devices, you can safely contact Lorenzo Franceschi-Bicchierai with a signal of +1 917 257 1382, via Telegram and Keybase @lorenzofb, or send an email. You can also contact TechCrunch via SecureDrop.
Apple did not respond to requests for comment by press time.
Marczak told TechCrunch that he could not comment on the record at this point.
It is currently unknown who abused the flaw and who it was used against. However, in the past, cases of law enforcement using forensic tools have been documented. Usually, they abuse zero-day flaws on devices such as iPhones to unlock devices and access internal data.
In December 2024, Amnesty International released a report documenting a series of attacks by Serbian authorities. Serbian authorities used Cellebrite to unlock cell phones for activists and journalists across the country and installed them in malware.
Security researchers said Celbright forensic devices are likely to be “widely” used by civil society individuals, according to the pardon.
Source link
