Apple

LightSpy spyware has targeted iPhones, using destructive capabilities that can disable the boot process of compromised devices. It employs a modular framework with advanced spying features: it steals sensitive data across various applications and personal files, records audio, and gains near-total control over the device. The updated version uses additional plugins to disrupt booting and includes a range of other malicious features. Although it relies on an older, patched vulnerability for infection, its recent deployment and its functionality, such as deleting files, freezing devices, and faking push notifications to redirect users, raise significant concerns. The operators are suspected to be of Chinese origin and distribute the spyware through watering hole attacks.

Source: https://securityaffairs.com/170447/malware/lightspy-spyware-targets-iphones.html

TPRM report: https://scoringcyber.rankiteo.com/company/apple

"id": "app000110424",
"linkid": "apple",
"type": "Cyber Attack",
"date": "11/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Technology', 'type': 'Consumer'}],
 'attack_vector': 'Watering Hole Attacks',
 'data_breach': {'type_of_data_compromised': ['Sensitive data across various '
                                              'applications',
                                              'Personal files',
                                              'Audio recordings']},
 'description': 'LightSpy spyware has targeted iPhones, leveraging its '
                'destructive capabilities to disable the booting process of '
                'compromised devices. It employs a modular framework with '
                'advanced spying features, stealing sensitive data across '
                'various applications and personal files, recording audio, and '
                'gaining near-total control over the device. The updated '
                'version uses additional plugins to disrupt booting and '
                'includes a range of other malicious features. Despite using '
                'an older, patched vulnerability for infection, its recent '
                'deployment and functionalities such as file deletion, '
                'freezing devices, and faking push notifications to redirect '
                'users, raise significant concerns. The operators are '
                'suspected to be of Chinese origin, distributing the spyware '
                'through watering hole attacks.',
 'impact': {'data_compromised': ['Sensitive data across various applications',
                                 'Personal files',
                                 'Audio recordings'],
            'systems_affected': ['iPhones']},
 'initial_access_broker': {'entry_point': 'Watering Hole Attacks'},
 'motivation': 'Espionage, Data Theft',
 'threat_actor': 'Suspected Chinese origin',
 'title': 'LightSpy Spyware Targets iPhones',
 'type': 'Spyware',
 'vulnerability_exploited': 'Older, patched vulnerability'}