In August, hackers exploited vulnerabilities in macOS and iOS to install malware. Their objective: to collect data from users connecting to Hong Kong media or pro-democracy sites.
The case was established by the Threat Analysis Group (TAG). Since at least the end of August, hackers have been exploiting previously unknown vulnerabilities on Apple devices that connected to Hong Kong-based pro-democracy and media sites. Once compromised, these sites made it possible to install a backdoor on iPhones and Macs. iPhones and Macs are not immune to attacks and have vulnerabilities that allow remote access to their data. Today it is once again a story of state espionage that has just been
Unlike other spy cases, the attack was indiscriminate: the hackers reached everyone who connected to these sites. This type of campaign is called a "watering hole" attack. It consists of booby-trapping one or more websites of a particular sector that is of interest to many people. Those who connect to the site get their device infected.
The Chinese state in action?
Once installed, the malware made it possible to exfiltrate data, to record input and even to start audio recordings. The most important vulnerability was in the browser, according to the TAG report. For macOS, the vulnerability was in the browser's WebKit library, but the hackers also used one located in the kernel.
As for attribution, given the complexity of the attack and the targets, the authors are certainly state-backed. Even if the evidence to confirm it is still lacking, the modus operandi is identical to many attacks of the same type, in particular those that targeted the Uyghur minority. For its part, Apple patched these vulnerabilities over the course of the year. Users still need to apply the updates.