New iOS exploit discovered being used to spy on China’s Uyghur minority
Yesterday, a security firm stated that it discovered a new iOS exploit, named Insomnia, that works against iOS 12.3, 12.3.1, and 12.3.2. The security firm, Volexity, also stated that it believes the exploit was used to spy on the pressed Uyghur minority population in China. Apple patched this vulnerability behind the exploit with the release of iOS 12.4. However, Volexity claims that the exploit was used in the wild between January and March of 2020.
The exploit was found loaded on the iOS devices of users who had visited several websites that were centered around topics related to the Uyghur. Once victims accessed sites, the exploit was loaded onto the device, allowing the attacker root access. These root privileges were then used to steal messages from various clients, as well as emails, photos, contact lists, and GPS data. Volexity believes that the exploit was deployed by a threat actor they call Evil Eye, stating that they have been tracking the group. The group is believed to be a Chinese state-sponsored unit.