The Google Threat Advisory Group (TAG) revealed a new method used by hackers to exploit security holes in macOS and iOS.
This method uses various loopholes at once which are exploited through a number of sites. The target is Apple device users who are Hong Kong residents.
This method of attack, according to TAG, is commonly referred to as a 'watering hole', which targets visitors to Hong Kong news sites who are looking for news related to political news in the country.
This action exploits a zero-day loophole (CVE-2021-30869) in macOS Catalina that TAG previously reported to Apple, and then patched on September 23.
According to TAG, the attack exploited a number of loopholes that existed in macOS, such as the WebKit rendering engine for Safari on iOS and macOS.
Through this loophole, the hacker can install a number of backdoors on the victim's device after accessing sites that have been infected. The backdoor contains various modules, including those that function to identify the infected device, record sound, record screen, install a keylogger, retrieve or infiltrate files, and execute certain terminal commands with root access.
"We believe that the perpetrators of this attack were a syndicate with huge resources, possibly backed by the state, and judging by the quality of the software, they had a special engineering team," TAG wrote in its report.
Previously, Apple's Head of Software Craig Federighi had stated that currently macOS is indeed being targeted by malware, and he was dissatisfied with the security system in the OS for Mac devices.
Craig said it in court where Apple is facing a lawsuit from developer Epic Games. He said that Apple lets users install software from the internet for Macs and is often exploited by cybercriminals, unlike iOS, which has higher protections.
"Currently, the level of malware on Mac is unacceptable and much worse than iOS," he said.
According to him, Apple found and removed 130 types of malware on Macs in the past year that infected hundreds of thousands of systems. Compared to the iPhone, they only found three types of malware.
