Russian state-backed hackers exploited a zero-day flaw in iOS earlier this year to target the iPhones of government officials in Western Europe, and succeeded in compromising at least one government agency in the US, according to security reports from Google and Microsoft.
The group – referred to as Nobelium by Microsoft – is known for its major attack on the IT provider SolarWinds in 2020, when it gained access to government and other systems via a compromised update to SolarWinds’ Orion software. It’s now being reported by Ars Technica that the same group also carried out attacks on various Western authorities and governments this spring, using a zero-day bug in Safari on iOS.
The bug, CVE-2021-1879, made it possible to install malware on even fully updated iPhones simply by inducing them to visit an infected website.
There were two separate attacks earlier in 2021, but Google researchers believe both were the work of the same group. In a campaign disclosed by Microsoft in May, the hackers managed to compromise an account belonging to USAID, the US federal agency handling foreign aid, and send out emails from official addresses containing links to malicious pages.
This week Google’s Threat Analysis Group reported that the same bug was used by the same group for further politically motivated attacks.
“CVE-2021-1879 was discovered by TAG on March 19, 2021, and used by a likely Russian government-backed actor,” write Google researchers Maddie Stone and Clement Lecigne. “In this campaign, attackers used LinkedIn Messaging to target government officials from western European countries by sending them malicious links.”
The post also documents three more so-called zero-day bugs that have been used in attacks against fully updated devices.
There is little need to worry, however, that your iPhone is at risk from these attacks. As is often the case with security disclosures, we are hearing about them long after the danger has passed: the bug was fixed in iOS 14.4.2, which was released in March. (If you’re on an older version of iOS, be sure to update your iPhone.)
For added peace of mind, read our iPhone security tips.
This article originally appeared on Macworld Sweden. Translation and additional reporting by David Price.