Apple macOS and iOS hit by a high-severity vulnerability: a single text message can hack both your computer and your phone! Check your devices now!! 2024 | 零度解说

零度解说
26 Jan 2024, 08:03

Summary

TLDR: In a recent video by Zero Degree Commentary (零度解说), a warning is issued to users of Apple products, including iPhones, Macs, and Apple TVs, about a critical zero-day vulnerability identified as CVE-2024-23222 in Apple's WebKit rendering engine. The vulnerability allows attackers to execute malicious code on a device as soon as the user opens a link, with no further action required, and affects nearly all current Apple devices. The video urges users to install the security update promptly and stresses how widely the flaw reaches across Apple's device lineup. It also covers the growing threat of zero-day attacks and, as a second case, the distribution of malware-laden cracked Mac software, arguing that Apple users need greater security awareness.

Takeaways

  • 🚨 Apple discovered its first zero-day vulnerability of the year, CVE-2024-23222, affecting almost all Apple devices, including iPhones, iPads, macOS computers, and Apple TV.
  • 📱 Vulnerable iPhone models include iPhone 8 and later versions, signaling a widespread risk across Apple's smartphone lineup.
  • 🖥️ Affected macOS devices are those running macOS Monterey and later versions, highlighting the vulnerability's presence in Apple's computing environment.
  • 📺 Apple TV HD and Apple TV 4K models are also at risk, expanding the vulnerability's reach to Apple's home entertainment systems.
  • 🔓 The zero-day vulnerability in WebKit allows attackers to execute arbitrary malicious code on devices by simply having users open a malicious link, no further interaction required.
  • ⚠️ Apple's reputation for security is challenged by the discovery of 20 zero-day attacks in 2023 alone, emphasizing the ongoing risk of high-level vulnerabilities.
  • 🛡️ Immediate installation of security updates is recommended to mitigate potential risks from the vulnerability, highlighting the importance of keeping devices up-to-date.
  • 🔧 Zero-day vulnerabilities are previously unknown flaws that are not yet patched by the vendor, often leading to significant security risks.
  • 🕵️‍♂️ The script also discusses a case involving cracked Mac software distributed by a website, which was found to be laced with malware, targeting Mac users specifically.
  • 👨‍💻 Attackers employed a remote control trojan based on the KhepriC2 framework, demonstrating the sophisticated methods used to exploit vulnerabilities and control infected devices.

Q & A

  • What is the vulnerability recently discovered by Apple?

    -Apple discovered a zero-day vulnerability called CVE-2024-23222 affecting WebKit, the browser engine used in Apple devices.

  • How can this vulnerability be exploited?

    -The vulnerability can be exploited if a user clicks on a malicious link sent via SMS. This allows attackers to execute arbitrary code and install backdoors on affected devices.

  • Which Apple products are affected by this vulnerability?

    -The vulnerability affects iPhones, iPads, Macs running macOS Monterey and later, and Apple TV models.

  • What is a zero-day vulnerability?

    -A zero-day vulnerability is a software security flaw that is unknown to the vendor and remains unpatched. Attackers can exploit them to launch attacks before a patch is available.

  • What is the impact of zero-day attacks?

    -Zero-day attacks can be highly damaging since security products cannot defend against unknown vulnerabilities. They allow attackers to secretly infiltrate systems.

  • How many zero-day attacks did Apple face in 2023?

    -Apple faced 20 zero-day attacks in 2023, showing that Apple devices are not as secure as some may think.

  • What malicious tools were found on the MacYY download site?

    -Tools like SecureCRT, FinalShell, and remote desktop software containing backdoors were found on the site.

  • How did the attacker infect the downloaded tools?

    -The tools contained a malicious dynamic library that downloaded next-stage payloads to infect devices and connect to attacker servers.

  • When did the attacker start planning this campaign?

    -The attacker started planning in March 2023 by registering domains used for command and control.

  • What can users do to protect themselves?

    -Users should install the latest Apple security updates and be cautious of downloading cracked software.

Outlines

00:00

🚨 Apple's Zero-Day Vulnerability Alert

A critical zero-day vulnerability, identified as CVE-2024-23222, has been discovered affecting nearly all Apple products, including iPhones, Macs, iPads, and Apple TVs. This vulnerability is linked to the WebKit rendering engine used by Apple devices. By merely opening a malicious link sent via text, an attacker can execute arbitrary malicious code on the device, potentially gaining remote control and accessing all stored data. The vulnerability impacts a wide range of models across Apple's product line, from iPhone 8 and later models to several generations of iPads, macOS Monterey and later versions, as well as all models of Apple TV HD and Apple TV 4K. The severity of this issue highlights the importance of promptly installing security updates to mitigate potential risks.

05:02

🔒 The Hidden Dangers of Cracked Software on Mac

A significant risk has emerged from a cracked software download site targeting Mac users, distributing malware-infected versions of popular applications like SecureCRT. This campaign, detected by security teams, involves malware that establishes backdoor access to Macs by connecting to attacker-controlled servers (C2 servers). The malware, disguised within cracked software downloads, has already affected thousands, with over 30,000 downloads of the malicious tools reported. Analysis of the malware reveals sophisticated tactics to avoid detection and facilitate remote control over infected devices. The situation underscores the critical vulnerabilities associated with downloading and using cracked software on Macs, emphasizing the importance of vigilance and the need for comprehensive security measures.
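The transcript describes the cracked SecureCRT carrying an extra libpng.dylib in its Frameworks folder that the main executable loads at start. As an added defensive check (not code from the video or from the Antiy analysis), the POSIX shell function below lists every dylib under an app bundle's Contents/Frameworks whose file name is not on a baseline of expected names and prints its SHA-256 so it can be compared with a clean install. The bundle name Demo.app, the baseline contents and the sample files are constructed for illustration.

```shell
#!/bin/sh
# unexpected_dylibs <app_bundle> <baseline_file>
# Prints "<sha256> <path>" for each *.dylib under Contents/Frameworks whose
# basename is not listed (one name per line) in the baseline file.
# Baseline assumption: the file was generated from a clean copy of the same
# app version, so any extra library is worth a closer look.
unexpected_dylibs() {
  app="$1"
  baseline="$2"
  fw="$app/Contents/Frameworks"
  [ -d "$fw" ] || return 0          # no Frameworks folder: nothing to report
  find "$fw" -type f -name '*.dylib' | while IFS= read -r lib; do
    name=$(basename "$lib")
    # -x: whole-line match, so "libpng.dylib" does not match "libpng2.dylib"
    if ! grep -qx "$name" "$baseline"; then
      if command -v shasum >/dev/null 2>&1; then
        printf '%s %s\n' "$(shasum -a 256 "$lib" | cut -d' ' -f1)" "$lib"
      else
        printf 'UNHASHED %s\n' "$lib"
      fi
    fi
  done
}

# Stand-alone demo on a constructed bundle (not a real SecureCRT install):
# one expected library and one extra libpng.dylib, as in the case above.
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/Demo.app/Contents/Frameworks"
: > "$demo_dir/Demo.app/Contents/Frameworks/libexpected.dylib"
: > "$demo_dir/Demo.app/Contents/Frameworks/libpng.dylib"
printf 'libexpected.dylib\n' > "$demo_dir/baseline.txt"
unexpected_dylibs "$demo_dir/Demo.app" "$demo_dir/baseline.txt"
rm -rf "$demo_dir"
```

A library that is on the baseline by name but whose hash differs from the clean install is equally suspicious; the name check only catches the added-file pattern described here.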


Keywords

💡Zero-day vulnerability (零日漏洞)

"Zero-day vulnerability" refers to a software security flaw that is unknown to the vendor and being actively exploited by hackers before a patch is available. This type of vulnerability is dangerous because there is no fix yet, so hackers can easily compromise systems. The video warns about a new zero-day affecting Apple devices like iPhones and Macs.

💡WebKit

WebKit is the browser engine that powers Apple's Safari browser and many apps on iOS and macOS. The video says the new Apple zero-day exists in WebKit, meaning any app using WebKit is vulnerable, including the system-level web views.

💡Arbitrary code (任意程式碼)

This means "arbitrary code execution", which allows hackers to run any commands or programs on the vulnerable device. The video says the Apple zero-day allows arbitrary code execution if a user simply visits a malicious link.

💡Planting a backdoor (植入後門)

This refers to hackers exploiting vulnerabilities to install "backdoors" for persistent remote access to compromised devices. The video warns the Apple zero-day can be used to plant backdoors on iPhones, Macs, etc.

💡Remote control (遠端控制)

Remote control means hackers can fully control vulnerable devices over the internet. The video says the backdoors planted via the Apple zero-day allow remote control over infected iPhones, Macs, etc.

💡Updating and patching (更新修補)

Updating and patching refer to installing security updates released by vendors to fix vulnerabilities. The video recommends Apple users update devices to get the fix for this zero-day.

💡Zombie machine (肉雞)

This slang term (literally "meat chicken") refers to a compromised device under a hacker's control, to be abused or used for further attacks. The video warns that Macs infected via the cracked software may have become "meat chickens", that is, zombie machines.

💡Antivirus evasion (免殺)

Anti-virus evasion techniques are used by hackers to avoid detection. The video says the malware used in the attack was specially treated to evade antivirus and infect devices silently.

💡C2

The C2 or command and control server is used by hackers to remotely control compromised devices in a botnet. The video traces domains registered by the hackers for C2 channels.

💡Backdoor attack (後門攻擊)

Backdoor attacks refer to malicious unauthorized access via security flaws. This video uncovers backdoors planted through compromised cracked Apple software.


Transcripts

00:00

Hello everyone, this is 零度解說

00:02

If you are currently using an iPhone

00:04

or your computer runs macOS

00:06

or you even have an Apple TV at home

00:08

then you need to be careful

00:09

because just two days ago

00:11

Apple discovered this year's first vulnerability being exploited by hackers

00:14

to attack users, a "zero-day vulnerability"

00:16

This vulnerability affects almost every product in Apple's lineup

00:19

such as computers, phones, iPads, Apple TV and so on

00:22

The identifier of this newly disclosed vulnerability is

00:25

CVE-2024-23222

00:28

It is a WebKit vulnerability

00:31

WebKit is the browser rendering engine Apple currently uses

00:34

So how big is the impact of this "zero-day vulnerability"?

00:36

Let me put it this way

00:37

If an attacker, via SMS,

00:39

sends you a message containing a link

00:41

as long as you open that link

00:42

just opening it is enough

00:44

you don't need to do anything else

00:46

the hacker can, on your device,

00:48

execute arbitrary malicious code

00:49

Yes, you heard that right

00:50

that is, plant any backdoor they like

00:52

and thereby remotely control your phone,

00:54

computer and so on

00:55

Getting hold of all the data on your device goes without saying

00:58

The products currently affected by the vulnerability

01:00

cover almost Apple's entire lineup

01:02

Now let me list in detail

01:04

which models are affected

01:06

On the phone side

01:07

the main ones affected by the vulnerability are the following

01:10

for example iPhone 8

01:11

iPhone 8 Plus

01:12

iPhone X

01:14

and all versions from the iPhone XS onward

01:16

In other words, it hits almost all of them

01:18

On iPad

01:20

the affected ones are mainly these

01:21

for example the 5th generation iPad

01:23

iPad Pro 9.7-inch

01:25

and the 1st generation iPad Pro 12.9-inch

01:27

iPad Pro 9.2-inch 2nd generation and later

01:31

and of course the iPad Pro 10.5-inch

01:33

iPad Pro 11-inch 1st generation and later

01:36

also the iPad Air 3rd generation and later

01:38

and even the iPad 6th generation and all later versions are affected

01:42

As for the iPad mini

01:43

the 5th generation and later are all affected too

01:46

If you use a Mac

01:48

then as long as your computer is running

01:49

macOS Monterey

01:50

or later, the Mac

01:52

will be exposed to attack via this "zero-day vulnerability"

01:54

If you use Apple TV

01:56

then as long as it is an

01:57

Apple TV HD

01:59

or Apple TV 4K

02:00

all of their models are hit

02:03

Although this "zero-day vulnerability"

02:04

will very likely only be used for targeted attacks

02:07

I still recommend everyone install the security update as soon as possible

02:10

to block the potential risk in time

02:11

If you use an iPhone

02:13

first we open the Settings app

02:15

After opening it

02:16

then scroll down

02:17

and find the General option further down

02:19

Once inside

02:20

tap the second option first

02:22

which is Software Update

02:24

Once inside

02:25

if, like me,

02:26

you previously turned off automatic updates

02:27

then now you need to

02:29

turn the Automatic Updates switch on

02:30

and this Download iOS Updates option

02:32

turn it on too

02:33

After turning it on, now go back

02:36

there is a notice at the top

02:37

This update provides important security fixes

02:40

and is recommended for all users

02:42

This way it will automatically download the latest version

02:44

Once the download is complete

02:46

tap Download and Install

02:47

to install the latest version

02:50

Some people may have only heard the term "zero-day vulnerability"

02:52

but don't know what it actually is

02:54

Actually a "zero-day vulnerability" is generally one that, in a system

02:56

or in a device, has already been discovered

02:57

but has not yet been patched by the vendor

02:59

"Zero-day vulnerabilities" are often accompanied by zero-day attacks

03:02

Once a vulnerability with a fairly high severity level is dug up

03:05

hackers will use this vulnerability

03:06

against the system or software applications

03:09

to launch network attacks

03:10

Because the damage potential of such vulnerabilities is usually quite high

03:12

zero-day attacks are often very destructive

03:15

At present no security product or solution

03:18

can fully defend against zero-day attacks

03:19

but by building a sound defense system

03:22

and raising people's security awareness

03:23

the odds of being hit by a zero-day attack can be effectively reduced

03:26

thereby reducing the losses zero-day attacks cause

03:29

Actually, in many people's eyes

03:31

Apple devices are very secure

03:33

but that is not actually the case

03:34

In 2023 alone

03:36

Apple was hit by 20 zero-day vulnerability attacks

03:39

Zero-day attacks are usually imperceptible

03:41

Just as I said in a previous video

03:43

once an Apple device has a backdoor planted in it

03:45

it is almost always very hard to detect

03:47

That is why a lot of criminal activity today

03:50

tends

03:51

to prefer planting viruses in cracked Mac software

03:53

First, it is stealthy and hard to detect

03:55

Second, there is hardly any professional antivirus software blocking it

03:59

Look, how many Mac users install antivirus software?

04:02

That is a big juicy target, plain and simple

04:04

Speaking of cracked software

04:05

there is something we need to talk about here

04:07

namely a certain cracked Mac software download site that was just exposed

04:11

distributing virus-laden, backdoored software

04:13

All of this malware consists of cracked versions of Mac software

04:15

specifically targeting Mac users

04:17

If you are a long-time fan of 零度

04:19

you will surely remember that I previously exposed this company

04:22

金華市矜貴網路科技有限公司

04:24

This company is closely tied to a lot of backdoored software

04:27

Last year they acquired 軍哥's LNMP

04:30

and one-click server install packages such as Oneinstack

04:32

After the acquisition

04:33

both of these server install packages had backdoors planted in them, one after the other

04:36

I analyzed this in detail in a previous video

04:39

At that time I already suspected

04:40

that the cracked Mac software download site under its control

04:43

must be up to something shady

04:44

but back then I only suspected it and didn't dig deeper

04:47

but now it is 100% confirmed

04:48

When you search Google for "Mac cracked software"

04:51

it ranks first

04:53

but now it can no longer be opened

04:54

when you open it, it cannot be accessed

04:56

Now let's test it on an overseas website testing platform

04:59

to see whether it opens

05:01

It doesn't open there either

05:03

Now let's test again from mainland China

05:05

to see if it works

05:07

It's all red

05:08

almost none of it opens anymore

05:10

Because according to monitoring by the Antiy (安天) computer emergency response team

05:13

the SecureCRT on the MacYY download site

05:16

FinalShell

05:17

Navicat

05:18

and this desktop remote control software

05:20

all carry a backdoor virus

05:22

If you previously installed these cracked programs

05:24

you need to be careful

05:25

because once you have installed these cracked tools

05:28

they automatically load a malicious file in the background

05:30

and connect to the attacker's C2 server

05:32

to download and run a remote control trojan

05:34

Judging by the download counts on this download site

05:37

the downloads of the 5 tools containing malicious files

05:39

already total more than 30,000

05:41

Of course the actual number is far higher

05:43

after all, many third-party download sites

05:45

also upload these cracked programs

05:47

According to the data analysis above

05:49

this attacker started in March 2023

05:51

to plan this attack campaign

05:53

The earliest activity was on March 20

05:55

when it registered some of the C2 domains it used

05:58

Between March and July last year

06:00

the attacker successively registered

06:03

the 10 C2 domains used in this campaign

06:05

At the same time, to achieve maximum effect

06:07

the attacker uploaded some of the payloads it used

06:08

that is, the trojan viruses

06:10

to the VT testing platform

06:11

to test their antivirus evasion

06:13

What is antivirus evasion (免殺)?

06:14

I believe I explained it before

06:15

it is when hackers apply special processing

06:17

to their trojan viruses, after which

06:18

no antivirus software can detect them

06:21

thereby achieving an imperceptible attack

06:22

that is, after the virus is planted on your computer

06:24

your antivirus software shows no reaction at all

06:26

From the statistics above you can see

06:29

that on September 19 and 20 last year the attacker

06:32

successively uploaded the five backdoored programs

06:35

to the download site

06:36

When users download and install these programs

06:38

they automatically connect to the attacker's C2 server in the background

06:41

to download the remote control trojan

06:43

This remote control trojan is based on the open-source

06:46

KhepriC2 framework, with modifications

06:48

Its main functions include things like collecting system information

06:51

process management, file management, remote shell and so on

06:54

and it can remotely control infected hosts

06:57

According to analysis of the virus file samples

06:59

all of its backdoor attack methods are the same

07:02

Let's take the analysis of SecureCRT as an example

07:04

The cracked version of SecureCRT

07:06

compared with the official genuine software

07:08

has one extra file in the Frameworks folder

07:11

a dynamic library file named libpng.dylib

07:15

When the main executable of the cracked SecureCRT runs

07:18

it loads this dynamic library

07:20

libpng.dylib

07:23

After analyzing this file

07:25

the dynamic library file fetches, from a hard-coded URL,

07:28

the next-stage payload file

07:30

After decoding it saves it under this path and executes it

07:33

After decrypting this payload file

07:34

it connects to the designated C2 domain

07:37

thereby remotely planting a backdoor

07:38

to control the victim's computer

07:40

If you previously, on your Mac,

07:42

installed cracked software

07:43

you need to check your device

07:44

it has very likely already become a "zombie" (肉雞)

07:46

Actually this attacker's method is about the same as before
