Apple Patches Older Devices Against Sophisticated Spyware
If you have an older Apple device, even if it’s no longer receiving the latest iOS updates, it’s crucial to ensure you have the most recent security patches available. Apple recently released a security update for older iPhones and iPads addressing vulnerabilities exploited in cyber-espionage and crypto-theft attacks.
The Coruna Exploit Kit: A Powerful Threat
The March 11 security update addresses vulnerabilities used by the Coruna exploit kit. This spyware and surveillance package contains 23 exploits targeting iOS releases from 13.0 to 17.2.1. Google Threat Intelligence Group researchers have linked its deployment to state-backed Russian hackers, surveillance vendors and a Chinese threat actor.
These vulnerabilities could allow attackers to escalate permissions to Kernel privileges or gain remote code execution capabilities on affected devices. Specifically, the update patches CVE-2023-43010, CVE-2024-23222, CVE-2023-43000, and CVE-2023-43010, all affecting WebKit, as well as CVE-2023-41974, a Kernel vulnerability.
Which Devices Are Affected?
The update applies to the following older models running iOS 15.8.7/16.7.15 and iPadOS 15.8.7/16.7.15:
- iPhone 6s
- iPhone 7
- iPhone SE (1st generation)
- iPhone 8
- iPhone 8 Plus
- iPhone X
- iPad Air 2
- iPad Mini (4th generation)
- iPod Touch (7th generation)
- iPad (5th generation)
- iPad Pro 9.7-inch
- iPad Pro 12.9-inch (1st generation)
The Broader Trend: Zero-Day Vulnerabilities and Targeted Attacks
This patch follows another zero-day fix released in February for newer iOS, iPadOS, and macOS versions, which Apple stated may have been exploited in “extremely sophisticated attacks against specific targeted individuals.” This highlights a growing trend: attackers are increasingly focusing on zero-day vulnerabilities – flaws unknown to the software vendor – to target specific individuals or groups.
The Coruna exploit kit is particularly concerning due to its breadth and the actors associated with it. The fact that it’s been used by both nation-state actors and commercial surveillance companies suggests a wide range of potential targets and motivations.
Why Older Devices Remain at Risk
While Apple provides security updates for many years, older devices eventually reach a point where they no longer receive the latest features or security patches. This leaves them vulnerable to newly discovered exploits. The recent update demonstrates Apple’s commitment to protecting even older devices, but it also underscores the importance of regularly updating all your devices, regardless of their age.
Did you know? Zero-day exploits are often sold on the dark web for exorbitant prices, making them a valuable commodity for attackers.
Future Implications and What to Expect
The increasing sophistication of exploit kits like Coruna suggests that targeted attacks will become more common. Expect to see:
- More frequent zero-day discoveries: As software becomes more complex, the likelihood of undiscovered vulnerabilities increases.
- Increased focus on mobile security: Mobile devices are becoming primary targets for attackers due to the sensitive data they contain.
- Greater emphasis on proactive threat hunting: Organizations and individuals will necessitate to proactively search for and mitigate threats rather than relying solely on reactive patching.
FAQ
- What is a zero-day vulnerability? A zero-day vulnerability is a software flaw that is unknown to the vendor and for which no patch is available.
- What is an exploit kit? An exploit kit is a collection of tools and exploits used to compromise vulnerable systems.
- How can I protect myself from these threats? Maintain your devices updated, be cautious about clicking on links or opening attachments from unknown sources, and apply strong, unique passwords.
- Does this update affect my newer iPhone? This specific update is for older devices. Though, it’s still crucial to ensure your newer iPhone is running the latest iOS version.
Pro Tip: Enable automatic updates on your Apple devices to ensure you receive security patches as soon as they are released.
Stay informed about the latest security threats and take proactive steps to protect your devices and data. Explore additional resources on Apple’s security website and security blogs like SecurityWeek and The Hacker News.
