Hackers Exploited 0-Day iOS Flaw To Infiltrate Government Officials' iPhones
Yesterday, Google TAG researchers Maddie Stone and Clement Lecigne reported that Nobelium, also known as Cozy Bear or APT29, used “LinkedIn Messaging to target government officials from western European countries by sending them malicious links.” If the victim clicked this link on an iOS device, they would be redirected to an attacker-controlled domain that served next-stage payloads.
Interestingly, the researchers report that this campaign coincides with an election-fraud-themed malware campaign that appeared to have originated from USAID after a Constant Contact account was breached. We reported on this back in May 2021, stating that the threat actors were targeting human rights and humanitarian organizations worldwide as well as several government agencies in the US and Europe.
Though it is hard to extrapolate what the end goal is, it is clear that, in the short term, the Russian-backed attackers are targeting high-level executives and government officials. It should also be abundantly clear that you should not click on random links in emails, LinkedIn messages, or anywhere else for that matter. Even if you do not feel the attack targeted you, it is entirely possible to become accidentally entangled, leading to a world of cybersecurity problems.