Apple is no stranger to security incidents, be it hacks, breaches, or vulnerabilities. You may not be aware of these various issues, and some may still be putting you at risk. So, which Apple hacks, breaches, and vulnerabilities do you need to know about?

Apple’s Hacks and Breaches

Apple has seen its fair share of hacks over the years, with some being more severe than others. Let’s start with a hack that took place over a decade ago.

1. XcodeGhost Hack (2015)

In 2015, 128 million iPhone users were affected by a malware-based hack. Hackers used a malicious version of Xcode, Apple’s development environment for all its operating systems, including iOS. With this malware, known as XcodeGhost, hackers managed to compromise around 50 apps from the Apple App Store. Those who had downloaded the affected apps were vulnerable to hacking, and around 500 million users were estimated to be at risk at the time.

Though this mammoth estimate turned out to be a little smaller in reality, documents provided during Apple’s court battle with Epic Games revealed that 128 million individuals were still affected, including 18 million users within the US (as reported by Security Affairs).

What’s particularly controversial about this incident is that, at the time, Apple decided not to notify at-risk users of the attack. It took another six years for the public to become aware of the true nature of the hack, which came to light during the aforementioned Apple vs. Epic Games legal trial.

2. Pegasus Spyware (2016 Onward)

The notorious Pegasus spyware first launched in 2016 but came to global prominence in 2021 when it was used to exploit iOS in highly targeted attacks. Pegasus was developed by the Israeli NSO Group, a controversial organization that has hit security news headlines many times in the past. Government hackers now use this spyware to commit their own cybercrimes, so it’s a familiar name for cybersecurity experts. In fact, the NSO Group has sold its Pegasus spyware to numerous governments and states, including India and Mexico.

Check out our guide to check if your iPhone is infected with Pegasus if you’re concerned about this spyware.

3. SolarWinds (2021)

The SolarWinds attack shook the tech and cybersecurity industries in 2021, and Apple didn’t manage to dodge the shockwaves.

During the SolarWinds attack, hackers exploited an iOS 14 zero-day code vulnerability to infiltrate iPhones. Via the flaw, hackers used malicious domains to redirect iPhone users to phishing sites. This, in turn, allowed the attackers to steal user login credentials, which could then be used to either hack accounts or sell on to other illicit actors on illegal marketplaces.

4. Apple and Meta Data Breach (2021)

The most recent Apple security incident took place in mid-2021 when Apple and Meta staff were tricked by hackers impersonating law enforcement officials. In the attack, hackers first breached the accounts and networks of law enforcement agencies and then sent fake urgent data requests to employees at the two tech giants, urging a quick response. In response to this seemingly official request, users' IP addresses, home addresses, and contact numbers were provided.

It’s important to note that Apple and Meta staff didn’t provide information due to a random request. Legitimate police systems were hacked by the attackers in order to send the request, which made it difficult to detect.

Apple’s Vulnerabilities

Apple’s various software programs, including its operating systems, can fall victim to code vulnerabilities. So, which should you be aware of?

1. Kernel and WebKit Vulnerabilities (2022)

In August 2022, Apple announced that it had found a kernel vulnerability (officially known as CVE-2022-32894) that allowed the execution of arbitrary code with kernel privileges. Apple patched CVE-2022-32894 with macOS Monterey, so if you’ve manually installed this update or are using a newer macOS version than Monterey, you should be good to go.

Along with this vulnerability, an Apple WebKit flaw was also discovered. This flaw also ran the risk of arbitrary code execution as a result of malicious web content. Like the aforementioned vulnerability, the WebKit flaw for macOS Monterey is long since patched.

2. Blastpass Vulnerabilities (2023)

In September 2023, two zero-day Apple vulnerabilities were discovered to have been used by attackers. The vulnerabilities, known officially as CVE-2023-41064 and CVE-2023-41061, were in Apple’s iOS software.

CVE-2023-41064 was a buffer overflow vulnerability allowing arbitrary code execution, and it could affect the iPhone 8 and all newer iPhone models running iOS version 16.6 or newer. Certain iPad models could also be targeted via this flaw. CVE-2023-41061, discovered shortly after the first of the two flaws, was a validation problem that could be abused through malicious attachments.

When used simultaneously, these two vulnerabilities formed an exploit chain known as Blastpass, which was part of the delivery chain for the NSO Group’s Pegasus spyware, as reported by The Citizen Lab. Blastpass could be used to hack iPhones and iPads without the victim even needing to interact with any malicious web pages or communications. Flaws of this kind are also known as zero-click vulnerabilities.

However, using Apple’s Lockdown Mode, the chain can be stopped in its tracks, blocking it from infecting your device. There is also a patch available for the two vulnerabilities being exploited.

3. Foundation Vulnerabilities (2023)

In early 2023, three Apple zero-day vulnerabilities came to light that put numerous Apple operating systems at risk, including iOS, iPadOS, and macOS. Two of the vulnerabilities were found within Apple’s Foundation framework, which provides the base level of functionality and interoperation for Apple apps. These three vulnerabilities, known as CVE-2023-23530, CVE-2023-23531, and CVE-2023-23520, gave attackers the ability to execute malicious code remotely on infected devices.

In February 2023, Apple patched the three security flaws, so you should no longer be exposed to them if you’ve been updating your Apple device regularly.

Apple Isn’t Impervious to Hacks and Vulnerabilities

Apple’s software and hardware are highly secure, but you may still run into risks and cyberattacks as an Apple user. Whether you’re using an Apple phone, tablet, computer, or watch, never assume that you’re impervious to security issues. It’s always best to keep up to date with the latest Apple vulnerabilities, hacks, and breaches so that you can better protect yourself and prepare for future incidents.