Apple is reminding users still running older versions of iOS to update their iPhones to protect against web-based attacks carried out through powerful exploit kits such as Coruna and DarkSword.
These attacks leverage malicious web content to target older versions of iOS, triggering infection chains that lead to the theft of sensitive data.
“For example, if you use an older version of iOS and click on a malicious link or visit a compromised website, the data on your iPhone could be at risk of being stolen,” Apple said in a support document.
“We thoroughly investigated these issues as they were discovered and released software updates for the latest operating system versions as soon as possible to address the vulnerabilities and stop attacks like this.”
Users who are already using the latest version of iPhone software do not need to do anything. This includes iOS versions 15-26, which include fixes for various security flaws weaponized by exploit kits. For others, Apple recommends the following course of action:
For older devices that can’t be updated to the latest version of iOS, update to iOS 15.8.7, iPadOS 15.8.7, iOS 16.7.15, and iPadOS 16.7.15. If you have a device running iOS 13 or iOS 14, update to iOS 15 to receive the latest protection with important security updates expected to be pushed in the “coming days.” In scenarios where device updates are not an option to reduce the attack surface and protect against malicious web content and other threats, consider enabling lockdown mode when available.
“Keeping your software up to date is the most important thing you can do to keep your Apple products secure. Devices with updated software were not at risk from these reported attacks,” Cupertino said.
Apple’s advisory comes in the wake of recent reports of two iOS exploits used by multiple attackers with different motivations to steal sensitive data from compromised devices. These kits are delivered through watering hole attacks via compromised websites.
iVerify said the findings show that vulnerabilities in iOS, once exploited to selectively target individuals in state-sponsored mobile spyware attacks, are now being exploited at scale by other threat actors.
“The relative ease of deployment of this exploit and its rapid adoption by multiple threat actors in multiple countries indicates that these powerful tools are now readily available in the secondary market for less sophisticated actors,” said Spencer Parker, chief product officer at iVerify, adding that “nation-state-level mobile exploits are now available for large-scale attacks.”
“This represents a new level of scale, making pervasive mobile attacks a critical and unavoidable concern for all enterprises. Evidence supports that these exploits can be easily reused and redeployed, and it is highly likely that modified deployments are actively infecting unpatched users.”
Source link
