While many families were woke up to celebrate the Christmas holiday on the 25th, some were pleasantly surprised by a post from security researcher Boris Larin (@oct0xor) on X (formerly Twitter) saying that a jailbreak for A12 and newer devices running iOS & iPadOS 16.5.1 and older would soon be released.
The news took most of us by surprise, as there was no indication of an iOS & iPadOS 16 jailbreak for arm64e devices until now.
Even better is the fact that it appears to utilize a KTRR (kernel text readonly region) bypass, which is even more powerful than a PAC or PPL bypass that most of us have been waiting for so that a kfd exploit-based jailbreak could be made.
It now seems we will aren’t long for learning about the meat and potatoes of it:
In a follow-up post shared to X on Tuesday, Larin said details about the vulnerability would be discussed tomorrow at #37c3 by Larin, and two other security researchers including Leonid Bezvershenko (@bzvr_) and Georgy Kucherin (@kucher1n) during a talk entitled “Triangulation: What You Get When You Attack iPhones of Researchers.”
The description of the talk per the events page reads as follows:
Imagine discovering a zero-click attack targeting Apple mobile devices of your colleagues and managing to capture all the stages of the attack. That’s exactly what happened to us! This led to the fixing of four zero-day vulnerabilities and discovering of a previously unknown and highly sophisticated spyware that had been around for years without anyone noticing. We call it Operation Triangulation. We’ve been teasing this story for almost six months, while thoroughly analyzing every stage of the attack. Now, for the first time, we’re ready to tell you all about it. This is the story of the most sophisticated attack chain and spyware ever discovered by Kaspersky.
In this presentation, we will share:
– How we managed to discover and capture all stages of a zero-click attack on iOS, despite the attackers’ efforts to hide and protect it,
– a comprehensive analysis of the entire attack chain, which exploited five vulnerabilities, including four zero-days
– the capabilities of the malware that transforms your phone into the ultimate surveillance tool,
– and the links to previously known malware we were able to find.
A live stream of the talk will be provided for the general public to view and learn more about how the vulnerability works.
All three of the security researchers mentioned appear to be affiliated with Kaspersky GReAT. Given the clout that Kaspersky has in the cybersecurity world, we have no doubt that this will be both an interesting and exciting presentation for anyone involved in jailbreaking or security research.
Details about when a jailbreak will go public aren’t yet known, but once the vulnerability is out, just about any jailbreak developer is likely to be able to take advantage of it.
Are you excited to see what becomes of the latest jailbreak for arm64e devices running iOS & iPadOS 16.5.1 and lower? Be sure to let us know in the comments section down below.