27. January 2022

This article has been indexed from

CySecurity News – Latest Information Security and Hacking Incidents

A previously unknown cyber-espionage malware targeting Apple’s macOS operating system used a Safari web browser exploit as part of a watering hole attack targeting politically engaged, pro-democracy Hong Kong residents. ESET, a Slovak cybersecurity firm, ascribed the infiltration to an actor with “high technical capabilities,” noting similarities between the campaign and a similar digital offensive published by Google Threat Analysis Group (TAG) in November 2021. 

Between September 30 and November 4, 2021, the attack chain entailed compromising a legitimate website belonging to D100 Radio, a pro-democracy internet radio station in Hong Kong, in order to inject malicious inline frames (aka iframes). Separately, a bogus website called “fightforhk[.]com” was registered to entice liberation activists. The altered code then served as a conduit to load a Mach-O file by exploiting a remote code execution bug in WebKit, which Apple rectified in February 2021. (CVE-2021-1789). 

“The exploit used to gain code execution in the browser is quite complex and had more than 1,000 lines of code once formatted nicely,” ESET researchers said. It’s worth noting that some of the code shows that the vulnerability might have been exploited on iOS and even on PAC-enabled (Pointer Authentication Code) devices like the iPhone XS and newer. 

The exploit uses two primitives to gain memory read and write access: one to leak an object’s address (addrof) and the other to generate a bogus JavaScript object from a specified memor

[…]

Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: