{"uuid": "9356467b-5c4d-4b62-947d-741414f7ec22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30858", "type": "seen", "source": "https://t.me/technical_private_cat/366", "content": "Now let's talk about intruders targeting surveillance \ud83d\udd0e\n\nOur attackers are targeting a famous businessman, they want to get his personal information. \n\nOur businessman of course has an iPhone. The attackers decide to throw a virus to Pegasus there to collect data. So they will use the legendary ForcedEntry. \n\nI'll tell you a little bit about it. \nIt was a bug of integer overflow in CoreGraphics, which is used to draw 2D-graphics. \nForcedEntry allowed it to send malicious PDF files to victims' devices and run arbitrary code in iOS and macOS, eventually leading to a system takeover and installation of Pegasus spyware.\nForcedEntry doesn't require a victim to open a link received in iMessages for their device to become infected. \n\nBut what's worse is another bug that is triggered called CASCADEFAIL. This vulnerability allows attackers to delete important entries from usage and process logs. In the case of ForcedEntry, this bug allowed evidence to be removed from the phone's DataUsage.sqlite file. \nThere are two separate zero-click exploits for iMessage: Kismet, targeting iOS 13.5.1 devices, and ForcedEntry, targeting the latest iOS 14 devices.\n\nIn addition to ForcedEntry, Apple has also fixed another dangerous problem in its products: another zero-day, use-after-free vulnerability, CVE-2021-30858. \nThe bug was discovered by an anonymous researcher and had to do with the Safari browser engine (WebKit).\nThe problem allowed attackers to create malicious pages that lead to commands being executed when visited from an iPhone and macOS-based device. \nThe vulnerability was also reportedly used to attack users.\nBy spreading with the help of these vulnerabilities or other 0 deeds, the attackers start collecting data about the victim. \nAlso, attackers can use wifi networks and more to infect. \n \nThrowing the malware on the victim's phone starts surveillance.\n\nI think that's all. \nAs a conclusion I can say \ud83d\udd12\n\nAttackers' attacks can be very cunning and affect many areas. For this, be vigilant and work on protecting and updating your system. And also do not forget about the human factor, because as we see social engineering and compromising employees play a major role in many attacks. \n\nMore about the attacks themselves and their methods will be in the archive below. There will also be an interesting article about types of attackers \nThe next post in the series will be about forensics and tracking attackers in practice \ud83d\udd11\n\nThank you for reading\u2764\ufe0f\n\nAnd remember, if you go through a mirror whose glass has become like a haze, you will find yourself in a looking glass. But how to get out is a big question\ud83e\ude9e\ud83c\udf80\n#cve #exploit #snooping #malware #pentest #attackers #ios", "creation_timestamp": "2022-12-08T04:57:16.000000Z"}