Apple released iOS 9.3.5 which is from now on, will be available for 44 devices as ‘over the air update’ or as iTunes Download receivable.
This update is very important. Because of an enormous hole was found in iOS. It could be even one of the worst ever. Only with one click on a link; it should jailbreak the device remotely. Followed by installing malware. Which may cause fatal consequences, especially when this gap gets in to the malicious hands.
These exploits got found in the wildness by coincidence.
The dissident Ahmed Mansoor based in the United Arab Emirates, was in jail for 8 months with other activists which support the pro democracy movement. After he got released, his passport got confiscated and his banking account got relieved of $140,000.
One Morning he received a disputable SMS with a link in it. Thereby he got all ready hacked once before from government with surveillance software from FinFisher and Hacking Team. Understandably Ahmed Mansoor was distrustful and forwarded this Message to Citizenlab.
Because of the forensic work of Citizenlab and Lookout,
it came out fast that this was an attempted hack. Which used a zero day exploit. With those an attacker is able to initiate remotely a jailbreak and with that plant some malware. Afterwards it can pickup any files and therefore transform your device in to a spy.
This Exploit and Malware supposed to made by the Company “NSO Group”. They are describing themselves in the brochure as leader in Cyber War.
They are working together with military and homeland security organizations. Their products get sold to every sides. The spy software which gets smuggled in is called “Pegasus”. It is known that Pegasus already got used against journalists and different-minded people.
The Exploit consists of this 3 parts:
CVE-2016-4657: An exploit for WebKit, which allows execution of the initial shellcode
CVE-2016-4655: A Kernel Address Space Layout Randomization (KASLR) bypass exploit to find the base address of the kernel
CVE-2016-4656: 32 and 64 bit iOS kernel exploits that allow execution of code in the kernel, used to jailbreak the phone and allow software installation
Those are also exactly the same 3 Points which should be eliminated with iOS 9.3.5. Apple needed 10 days for fixing that, after citizenlab reported their discovery.
This 3 gaps combined are titled “Trident iOS Exploit Chain and Payload”.
It is recommended to update to iOS 9.3.5, because this exploit could be used by criminals at any time, given that it is now public.
If you are Jailbreak interested than it is like everytime recommended to stay at your current iOS version.
— IPSW Downloads (@iOSReleases) August 25, 2016
For questions and problems as well as ideas and suggestions, feel free to leave us a comment.