Surge in Zero-click Vulnerabilities: The Rise of ‘Mobile NotPetya’


The cybersecurity community warns of the rising threat of a “mobile NotPetya” event, a self-propagating mobile malware outbreak with potentially devastating consequences.

This concern is fueled by the significant increase in the discovery and exploitation of zero-click vulnerabilities in mobile operating systems over the past year.

In 2023, more zero-click vulnerabilities were disclosed than in the previous four years combined.

The Surge of Zero-click Exploits – Mobile NotPetya

The key ingredient of a “mobile NotPetya” is malware that spreads autonomously via zero-click vulnerabilities, without any user interaction.

In recent years, there’s been a troubling surge in the discovery and exploitation of these vulnerabilities:

In May 2019, a WhatsApp zero-click vulnerability (CVE-2019-3568) enabled Pegasus spyware delivery via malicious RTCP packets.

In December 2020, Citizen Lab exposed the “KISMET” zero-click exploit, which targeted iOS 13.5’s messaging components for Pegasus infection. In September 2021, Citizen Lab revealed “FORCEDENTRY,” which exploited Apple’s image rendering library (CVE-2021-30860).

In April 2023, Apple patched a zero-click vulnerability (CVE-2023-28205) in iOS that was possibly being actively exploited. Kaspersky’s June 2023 disclosure of “Operation Triangulation” revealed the exploitation of six zero-day vulnerabilities, including one that wrote to unknown hardware registers.

The number of disclosed zero-click exploits has surged, from 3 in 2019-2022 to 6 in the first two quarters of 2023.

Experts caution that this trend will persist as spyware firms and other threat actors focus on discovering and exploiting these vulnerabilities.

Recorded Future recently released an article detailing the rise in zero-click vulnerabilities and the “mobile NotPetya” scenario.

Prime Conditions for a ‘Mobile NotPetya’

The critical components for a catastrophic mobile malware outbreak are as follows:

  1. Zero-click exploits: Persistent development of zero-click vulnerabilities by spyware firms enables autonomous malware propagation.
  2. Autonomous spread: Mobile malware could exploit contact lists and Bluetooth to propagate among new victims.
  3. Monoculture landscape: Dominance of Android and iOS in the mobile OS market amplifies the impact of a single vulnerability.
  4. Lack of effective mitigations: Measures like Apple’s Lockdown Mode face limited adoption, with tech companies lacking clear public strategies to prevent a mobile malware outbreak.
  5. Heightened motivations: Escalating geopolitical tensions and the sophistication of cybercriminal groups elevate the risk of intentional or accidental deployment of mobile malware attacks.

Experts suggest that telecommunications providers and device manufacturers possess potential tools to halt a mobile NotPetya, including:

  1. Filtering messages using consistent header information found in malicious messages.
  2. Blocking messages originating from geographic clusters of infected devices.
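
How these two controls could be combined at a messaging gateway, as an added example that is not from the article or from any provider's implementation. All header names, values and region codes below are constructed and hypothetical.

```python
from collections import Counter

# Constructed sample metadata (hypothetical headers and cell-region codes;
# not taken from any real messaging protocol or malware sample).
CONFIRMED_MALICIOUS = [
    {"headers": {"x-client": "msgkit/2.1", "content-type": "image/x-psd", "x-seq": "17"}, "region": "R-041"},
    {"headers": {"x-client": "msgkit/2.1", "content-type": "image/x-psd", "x-seq": "902"}, "region": "R-041"},
    {"headers": {"x-client": "msgkit/2.1", "content-type": "image/x-psd", "x-seq": "55"}, "region": "R-042"},
]
BENIGN_BASELINE = [
    {"headers": {"x-client": "msgkit/2.1", "content-type": "text/plain", "x-seq": "3"}, "region": "R-041"},
    {"headers": {"x-client": "stockapp/9.0", "content-type": "image/jpeg", "x-seq": "8"}, "region": "R-100"},
    {"headers": {"x-client": "msgkit/2.1", "content-type": "image/jpeg", "x-seq": "4"}, "region": "R-200"},
]

def consistent_signature(malicious, benign, max_benign_rate=0.0):
    """Header (name, value) pairs present in EVERY malicious sample,
    excluding pairs that also occur in benign traffic above the allowed rate."""
    common = set(malicious[0]["headers"].items())
    for msg in malicious[1:]:
        common &= set(msg["headers"].items())
    benign_counts = Counter(pair for m in benign for pair in m["headers"].items())
    return {p for p in common if benign_counts[p] / len(benign) <= max_benign_rate}

def infected_regions(malicious, min_reports=2):
    """Regions with at least min_reports confirmed infections (a 'cluster')."""
    counts = Counter(m["region"] for m in malicious)
    return {region for region, n in counts.items() if n >= min_reports}

def decide(msg, signature, regions):
    """Gateway verdict for one message: header filter first, then region block."""
    # An empty signature is a subset of every header set, so guard against it;
    # otherwise a failed signature derivation would drop all traffic.
    if signature and signature <= set(msg["headers"].items()):
        return "drop:header-signature"
    if msg["region"] in regions:
        return "hold:infected-region"
    return "deliver"

if __name__ == "__main__":
    sig = consistent_signature(CONFIRMED_MALICIOUS, BENIGN_BASELINE)
    regions = infected_regions(CONFIRMED_MALICIOUS)
    for m in CONFIRMED_MALICIOUS + BENIGN_BASELINE:
        print(decide(m, sig, regions), m["region"], m["headers"]["content-type"])
```

On this sample data the region rule also holds the benign message from R-041, which shows why cluster blocking is a coarse emergency measure compared with the header filter.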

About the Author:

FirstHackersNews- Identifies Security
