TechCrunch News, February 11
Apple fixes iPhone and iPad bug used in an “extremely sophisticated attack”

 

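Apple has released updates for iOS and iPadOS that fix a vulnerability which may have been used in an extremely sophisticated attack against specific individuals. The vulnerability allowed USB Restricted Mode to be disabled on a locked device. USB Restricted Mode is a security feature that blocks data from being sent over a USB connection if an iPhone or iPad has not been unlocked for seven days. Apple has also released a security feature that reboots a device if it has not been unlocked for 72 hours, making it harder for law enforcement or criminals to use forensic tools to access data on these devices. An attacker would need physical control to connect a forensic device such as Cellebrite or Graykey to the victim's device.

🔒 Apple released the iOS 18.3.1 and iPadOS 18.3.1 updates, fixing a critical vulnerability that may have been used in sophisticated attacks against specific individuals and that threatens the security of user data.

⏱️ The vulnerability allowed USB Restricted Mode to be disabled on a locked device; the mode was designed to block data transfer over USB while the device is not unlocked, in order to protect user privacy.

🕵️ Apple hints that the attack may have involved physical access to the device; attackers may have used forensic tools such as Cellebrite or Graykey to connect to the device, bypass security measures and access data.

📰 Human rights organizations have documented cases of law enforcement agencies abusing forensic tools, for example Serbian authorities using Cellebrite to unlock the phones of activists and journalists and install malware.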

On Monday, Apple released updates for its mobile operating systems, iOS and iPadOS, that fixed a flaw that the company said “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”

In the release notes for iOS 18.3.1 and iPadOS 18.3.1, the company said the vulnerability allowed the disabling of USB Restricted Mode “on a locked device.” Introduced in 2018, USB Restricted Mode is a security feature that blocks the ability for an iPhone or iPad to send data over a USB connection if the device isn’t unlocked for seven days. Last year, Apple released another security feature that reboots devices if they are not unlocked for 72 hours, making it harder for law enforcement or criminals using forensic tools to access data on those devices. 

Based on the language used in its security update, Apple hints that the attacks were most likely carried out with physical control of a person’s device, meaning whoever was abusing this flaw had to connect to the person’s Apple devices with a forensics device like Cellebrite or Graykey, two systems that allow law enforcement to unlock and access data stored on iPhones and other devices.

The vulnerability was discovered by Bill Marczak, a senior researcher at the Citizen Lab, a University of Toronto group that investigates cyberattacks against civil society. 

Do you have more information about this flaw, or other iPhone zero-days and cyberattacks? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email. You also can contact TechCrunch via SecureDrop.

Apple did not respond to a request for comment by press time. 

Marczak told TechCrunch that he couldn’t comment on the record at this point.

It’s unclear at this point who was responsible for abusing this flaw, and against whom it was used. But there have been documented cases in the past where law enforcement agencies have used forensic tools, which usually abuse so-called zero-day flaws in devices like the iPhone, to unlock the devices and access the data inside.

In December 2024, Amnesty International released a report documenting a series of attacks by Serbian authorities where they used Cellebrite to unlock the phones of activists and journalists in the country, and then install malware on them. 

Security researchers said that the Cellebrite forensic devices were likely used “widely” on individuals in civil society, according to Amnesty.
