STE WILLIAMS

Patch your iPhones, iPads now – spy tools exploit zero-day vulns

Apple has pushed out a security update for iOS after super sophisticated spyware was found exploiting three zero-day flaws.

The iOS 9.3.5 update plugs three holes that, according to researchers, have been weaponized for use in the Pegasus spyware kit, a commercial malware package reportedly being sold for use in state-sponsored attacks.

The three vulnerabilities are:

  • CVE-2016-4655: An input validation flaw that could potentially allow iOS kernel memory contents to be viewed by an installed app.
  • CVE-2016-4656: A remote code execution flaw, caused by memory corruption in the iOS kernel, that can be exploited by an installed app.
  • CVE-2016-4657: A remote code execution flaw in WebKit that would allow an attacker to “jailbreak” and install malware on an iOS device by way of a specially-crafted webpage.

Researchers with Citizen Lab and Lookout report that the iOS exploit, dubbed Trident, was being sold as part of the Pegasus spyware package and used to infect the mobile devices of dissidents and journalists.

The report names NSO Group, an Israeli security company previously associated with government spyware efforts, as the creator of the Pegasus kit.

The researchers were tipped off to the attack by Ahmed Mansoor, a UAE-based human rights activist who has previously been targeted with spyware by state-sponsored hackers.

The New York Times has reported that the malware was also used against their employees in a targeted attack.

While the risk that most iOS owners would be targeted by the Trident malware is low, anyone running an iPhone 4S, iPad 2, or 5th generation iPod Touch should update their device as soon as possible now that the details of the flaws have been made public.


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2016/08/25/update_your_ios_devices_now_theres_an_apt_in_the_wild/
