BlockBeats News, April 3rd, the Ministry of Industry and Information Technology of China’s Network Security Threat and Vulnerability Sharing Platform (NVDB) monitoring discovered that attackers are using a vulnerability exploitation tool targeting Apple’s terminal products to carry out network attack activities, which can lead to serious consequences such as information theft and system compromise. The scope of impact includes Apple’s terminal products running iOS 13.0 to 17.2.1, such as iPhone and iPad.
The attackers lure users to visit web pages containing malicious code using Safari browser through methods such as SMS, email, or web poisoning. By exploiting security vulnerabilities existing in terminal devices, they implant remote control Trojans into the victim’s terminal products, steal user’s sensitive information, gain the highest permissions, and take control.
It is recommended that users of Apple’s terminal products conduct a risk assessment, promptly fix vulnerabilities by upgrading versions and installing patches, etc. (refer to Apple’s security update announcement: https://support.apple.com/en-us/100100). Pay attention to system update notifications and Apple’s latest security update announcements, upgrade to the latest security version in a timely manner, strengthen security awareness, avoid clicking on unknown links, and prevent network attack risks.
