A new campaign dubbed Operation Poisoned News that uses news local news sites links to deploy malware called lightSpy on the user’s iOS devices. Attackers posted the news articles in various forums, by clicking on the link it takes users to the news sites, but they also have hidden iframe that loads malicious code. The malicious code is capable of exploiting vulnerabilities present in iOS 12.1 and 12.2, clicking on those links leads to the installation of malware lightSpy on the iOS devices. Poisoned News Campaign The lightSpy is the backdoor module that allows attackers to execute the code remotely and to manipulate files in the affected device. Security researchers from Trend Micro observed the watering hole attack targeting iOS users. The links posted by the attackers include three iframes. The only visible link is the original news website, with the other two invisible links, one used for analytics purposes and another site hosting exploits. ...
The Hacks001 blog is the most popular, independent and trusted source for the latest news headlines on cybersecurity, hacking, computer security, cybercrime, privacy, vulnerabilities and technology for all businesses, information security professionals and hackers worldwide.