In a new article shared on the official Google blog, cybersecurity experts from the Mountain View firm say more about the attack that affected the SolarWinds company from the end of 2019 to 2020. The company has prestigious clients in the United States. -United States, such as private companies Microsoft and Cisco but also entities of the American government: treasury, foreign affairs, health, internal security and nuclear.
We learn that the hackers' objective here was to redirect victims to domains compiling malicious code not only on Windows but also on iPhone and iPad. Via the Cupertino OS, it is in fact thanks to a flawzero-daynumbered CVE-2021-1879 by researchers that the criminals were able to achieve their goals. The error has of course since been corrected by Apple, since it is now public: no worries at home or in the office.
Many popular sites affected
This incident was notably made possible by WebKit, the engine used by Apple to develop Safari andoften singled out for its bugs. Via this software library well known to publishers on the App Store, the hackers were then able to collect user connection information on different platforms such as Yahoo, Facebook, Linkedin, Microsoft and even Google. And this in complete discretion, without any Internet user noticing: we are a long way from the traditional phishing techniques against which it is easy to warn.
More precisely, it is in fact the cookies saved by visitors which may have been collected in this way. Which could easily have been avoided by using the official applications of the various target services. Indeed, in this way, it is then the iCloud keychain which takes over. What's more, it seems to guarantee - notably thanks tothe Secure Enclave chip of the iPhone 12– a real guarantee of additional confidentiality.
Who is behind this attack?
This breach was actually patched as early as iOS 14.4.2, without informing those familiar with Apple's beta program. Furthermore, according to most sources, the SolarWinds hack was orchestrated by an agency whose funding was provided by a government body linked to… Russia.
i-nfo.fr - Official iPhon.fr app
By : Keleops AG
