Skip to main content

Posts

Showing posts from March 29, 2020

Operation Poisoned News – Hackers Deliver Malware Targeting iOS Users Using Local News Links

A new campaign dubbed Operation Poisoned News that uses news local news sites links to deploy  malware  called lightSpy on the user’s iOS devices. Attackers posted the news articles in various forums, by clicking on the link it takes users to the news sites, but they also have hidden iframe that loads malicious code. The malicious code is capable of exploiting vulnerabilities present in iOS 12.1 and 12.2, clicking on those links leads to the installation of malware lightSpy on the iOS devices. Poisoned News Campaign The lightSpy is the backdoor module that allows attackers to execute the code remotely and to manipulate files in the affected device. Security researchers from Trend Micro  observed  the watering hole attack targeting iOS users. The links posted by the attackers include three iframes. The only visible link is the original news website, with the other two invisible links, one used for analytics purposes and another site hosting exploits. Here you can find