Google has uncovered a series of attacks targeting Apple users on iPhones and Macs, adding that the hackers behind these attacks are “a well-resourced group”.

The company also stated that these hackers may be backed by a government.

Google's Threat Advisory Group (TAG) made the discovery. In a recently shared post, Google said that its TAG team found out about these attacks in late August this year. Apple was notified of the zero-day attacks and has now started on a fix for them.

The attacks exploited two major vectors on Apple devices - macOS Catalina and Safari on iOS and macOS. The first was compromised through a zero-day, that is, a previously unknown vulnerability, tracked as CVE-2021-30869.



After TAG informed Apple of this security issue, Apple released a fix for it on 23 September. On Safari, the attacks exploited previously known security issues in its WebKit rendering engine.

Google's security team said that these were "watering hole" attacks, meaning specific users were targeted through infected websites that they usually visit. These websites belonged to media outlets and a political group in Hong Kong.

Apple device users who were interested in the political happenings in Hong Kong were targeted.

The vulnerabilities allowed the attackers to install a backdoor on the target users' devices when they visited these websites. This backdoor could potentially let the attackers capture audio and the screen, download and upload files, use a keylogger to record all typed text, and execute terminal commands on the victims' devices, said a post by TAG.



Apple has “generic protections in Big Sur” that protect the OS from this particular exploit, noted the blog post. This leaves Catalina as the vulnerable OS, and Google noted and appreciated that Apple was quick to patch it with fresh security updates.

Google, for its part, has been proactive lately in discovering such zero-day vulnerabilities in its own and other systems. In September, the company patched a zero-day flaw in Chrome that affected Windows, Mac and Linux users through the release of the Chrome 94.0.4606.61 stable channel.

