Anomalous iPhone crashes linked to sophisticated zero-click exploits targeting a vulnerability called Nickname have been observed mainly in high-value individuals in the EU and US. These targeted attacks, associated with Chinese state-sponsored hackers, exploit iMessage vulnerabilities to potentially compromise devices without user interaction. #NickameVulnerability #ChineseHackers
Keypoints
- The Nickname vulnerability affects iPhones up to iOS 18.1.1 but was fixed in iOS 18.3.1.
- Six targeted devices showed signs of exploitation, with crashes linked to malicious nickname updates in iMessage.
- The attack exploits a race condition in the βimagentβ process, leading to use-after-free memory corruption.
- The exploits are associated with Chinese state-sponsored threat actors targeting high-profile individuals.
- Evidence includes modifications in message metadata and SMS directories following the crashes, indicating potential spyware activity.
Views: 21