The Russian hackers behind the SolarWinds attack used an iOS zero day to steal credentials from Western European governments.

Attacks targeting CVE-2021-1879, as the zero-day is tracked, redirected users to domains that installed malicious payloads on fully updated iPhones. The attacks coincided with a campaign by the same hackers who delivered malware to Windows users, the researchers said.

Google published a blog post about zero-days here, and you can read coverage from Ars Technica at the link below.

Check It Out: ‘SolarWinds’ Hackers Used iOS Zero Day Against Government Officials

Add a Comment

Log in to comment (TMO, Twitter, Facebook) or Register for a TMO Account