Google Threat Intelligence uncovered an active iOS zero-day exploit chain linked to Intellexa, a commercial surveillance vendor, targeting individuals in Egypt. The attack involves a three-stage process to install Predator spyware, highlighting ongoing concerns about illegal digital espionage.
Key points
- Intellexa developed a three-stage iOS exploit chain to deploy its Predator spyware in Egypt.
- The first stage exploits a patched Safari remote code execution vulnerability, CVE-2023-41993.
- The second stage involves a sophisticated sandbox escape and privilege escalation using kernel vulnerabilities.
- The third stage includes anti-detection modules capable of monitoring device activity and evading security tools.
- Google attributes the exploits to external sources and reports ongoing use by state-backed threat actors.
Read More: https://thecyberexpress.com/ios-zero-day-exploit-chain-egypt/