, 11 tweets, 2 min read Read on Twitter
Re: iPhone. We’re all just 1 zero-day away from being compromised.
I wonder what the half-life is of these iOS vulnerabilities, and how it compares to the half-life is similar zero-days on competing platforms.
I also wonder if The Wayback Machine or Google cache somehow logged the exploit code of the infected website(s). Would also be nice if there was a way to search website source code for various strings.
Google blog post didn’t say how they found the infected website(s) using the iOS zero-days. But I’m sitting here thinking, again, that after $127B in annual InfoSec spending, it was an advertising platform that found it... and not a security vendor. Threat intel or otherwise.
While we don’t yet know who the threat-actor is being the iOS watering hole attack, or their motivation, but they know their tools have been discovered and activity made public... what might they be doing right now to protect themselves or their operations?
Step 1. Crawl the Internet searching for infected websites spraying iOS zero-days.
Step 2. Submit to Apple
Step 3. Profit (7-figures)
What are the chances that there are other websites out there, right now, spraying a completely different collection of iOS zero-days? It would have to be non-zero right?
When/if we learn who the threat actors are, the URLs to the infected websites, and who the intended targets may have been... this story could get way crazy.
🤔
I forgot to say that this is stelar work by Google's Threat Analysis Group and an incredible contribution. All the credit in the world to these guys.
@thegrugq @daveaitel possible (or likely) that these exploits where previously used in more highly targeted attacks, and that they then purposely burnt them in a wider attack to cover their tracks? Or something along those lines.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Jeremiah Grossman
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!