New iPhone exploit discovered: Chinese hackers spy on Uyghur Muslims in the autonomous region of Xinjiang
The digital forensic team reveals that new iOS exploit named Insomnia uses a flaw in WebKit browser engine to spy on China's Uyghur minority.[1] The exploit works on iOS versions 12.3, 12.3.1, and 12.3.2 and leverages on the previously known flaw that was patched last year with iOS 12.4 version.[2] Insomnia was used between January and March 2020 when the exploit was loaded on the devices of users that visited Uyghur-themed websites.
The exploit was launched when the victim accessed the site, and attackers gained root access to the device immediately. Once that was done, hackers managed to steal plaintext messages from various instant messaging applications, emails, photos, contacts, and even track GPS location details. Insomnia works with various browsers that are based on WebKit and anyone that visited websites with Insomnia scripts were vulnerable to getting hacked, as Volexity reports:
Note that exploit can be triggered through any browser on the phone, as they all use WebKit. Volexity was able to confirm successful explotiation of a phone running 12.3.1 via the Apple Safari, Google Chrome, and Microsoft Edge mobile browsers.
New iPhone exploit discovered: Chinese hackers spy on Uyghur Muslims in the autonomous region of Xinjiang
Reviewed by Blogger
on
April 25, 2020
Rating:
Reviewed by Blogger
on
April 25, 2020
Rating:

