Several major news outlets have recently reported that hackers were able to remotely infect iPhones with surveillance software. This attack was carried out using two compromise methods. The first did not require users to install any app and was enabled by visiting websites containing browser and kernel vulnerabilities. Besides visiting a website no further interaction was required by users. The second capitalised on a major vulnerability in the messaging app, WhatsApp.
CBG is working with an innovative cyber vendor whose technology is capable of detecting targeted intrusions leveraging vulnerabilities, such as the ones disclosed by Google Threat Analysis Group / Project Zero. This is done by means of automatically analysing anomalous activities on iOS devices triggered by such intrusions. The technology is a Digital Forensics and Incident Response (DFIR) solution designed to uncover anomalies on iOS devices including inconsistencies in applications and the operating system, and detects threat operators in all phases of the iOS forensics phase:
1. Initial device logs extraction to identify attacker’s mistakes during exploitation phase
2. Advanced logs extraction – detection of the payload
3. Full device analysis utilising Apple’s own standards of analysis
This enables organisations to discover advanced attacks targeting various operating systems, including Windows, Linux, and iOS devices through application and operating system vulnerabilities. (It is important to note that no user or PII data is taken from the affected device. Only anonymised device logs are extracted using Apple’s standard protocols for analysis.) If you suspect that you, or one of your customers, may be a victim of Cyber espionage or have observed suspicious or abnormal behaviour, contact us now for immediate assistance.
This vendor is currently working in stealth mode, but with an NDA in place we can discuss the solution with you in full detail.
Please contact us via email firstname.lastname@example.org or call +44 (0) 1223 843903
CBG is also in the process of beta testing to deliver an Apple mobile device assessment service based on this technology, we will keep you updated with further information in due course.
Find out more about our services:
Related Articles:One size doesn’t fit All