A vulnerability has been identified in the USB-C port controller used in iPhone 15 and 16 models. Yet, both Apple and the security expert who identified this flaw agree that exploiting it is highly intricate, and thus it does not pose a credible real-world risk.
On the other hand, a significant threat to iPhone users emerges from a method utilized by scammers to circumvent one of Apple’s built-in safeguards. Update: A surge in E-ZPass scam messages seems to stem from a Chinese phishing kit – see the new section below …
Vulnerability in iPhone’s USB-C Port
Security experts successfully hacked Apple’s ACE3 USB-C controller, which represents a significant advancement in USB-C technology, managing power delivery while serving as a sophisticated microcontroller with access to vital internal systems […]
[Roth’s team achieved] code execution on the ACE3 chip by meticulously measuring electromagnetic signals during the chip’s startup phase, identifying the exact moment for firmware validation.
Employing electromagnetic fault injection at this juncture allowed them to bypass the validation checks and boot a modified firmware patch into the chip’s CPU.
Theoretically, this could enable an attacker to gain complete control over an iPhone.
However, this would necessitate physical access to the device and is exceptionally challenging to execute. As reported by Macworld, Apple deemed this an unrealistic threat upon reviewing the method, which Roth corroborated.
Scammers’ Tactic to Bypass Protections
Scammers frequently use SMS and iMessage to send links aimed at phishing attacks or trying to install malware on iPhones.
To safeguard users, if you receive an iMessage from an unknown sender with whom you have never communicated, your iPhone automatically disables any links present in that message, rendering them as plain text that cannot be tapped.
Nonetheless, scammers have devised a workaround. If they manage to persuade you to reply to their message—even with a brief response like a STOP command, intended for legitimate senders—this disables the protection.
According to BleepingComputer, responding in any capacity to the message causes your iPhone to recognize the sender as legitimate, reactivating their links.
Apple confirmed to BleepingComputer that if a user replies to the message or adds the sender to their contacts, links will be enabled.
Recently, BleepingComputer has noted a rise in smishing attacks that attempt to prompt users into replying to a text to reinstate link functionality.
The site provided examples of fraudulent texts appearing to originate from USPS and a toll road company, each urging the recipient to reply with Y, which would unlock the links.
This tactic is prevalent enough that I found similar examples simply by reviewing my deleted messages.
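A defender-side triage heuristic for the pattern described above, added here as an example and not taken from the original article, Apple or BleepingComputer: it flags a message that comes from an unknown sender, carries a link, and asks for a reply. The message shape, the regular expressions, the function name `assess` and all sample texts are constructed assumptions.

```python
import re

# Assumed message shape: {"sender": str, "body": str}. known_senders stands for
# contacts plus anyone the user has already replied to (their links stay enabled).
URL_RE = re.compile(r"\b(?:https?://|www\.)\S+|\b(?:[a-z0-9-]+\.)+[a-z]{2,}/\S*", re.I)
REPLY_RE = re.compile(
    r"\b(?:reply|respond|text back)\b(?:\s+with)?\s+[\"'(]?(y|yes|stop|1)\b", re.I)

def assess(message, known_senders):
    """Return (verdict, reasons) for one incoming message."""
    body = message["body"]
    unknown = message["sender"] not in known_senders
    has_url = URL_RE.search(body) is not None
    ask = REPLY_RE.search(body)
    reasons = []
    if unknown:
        reasons.append("sender is not a contact and was never replied to")
    if has_url:
        reasons.append("message carries a link")
    if ask:
        reasons.append("asks the recipient to reply with " + ask.group(1).upper())
    # All three together match the lure: the reply is what would enable the link.
    if unknown and has_url and ask:
        return "reply-to-enable-links lure", reasons
    if unknown and has_url:
        return "unknown sender with link", reasons
    return "no lure pattern", reasons

# Constructed samples: numbers, domains and wording are made up for this example.
KNOWN = {"+15555550100"}
SAMPLES = [
    {"sender": "+15555550147",
     "body": "USPS: your package is on hold. Confirm the address at "
             "https://usps.example.invalid/track (Reply Y, then reopen this message)"},
    {"sender": "+15555550162",
     "body": "Your toll invoice is overdue: https://tolls.example.invalid/pay"},
    {"sender": "+15555550175",
     "body": "You are subscribed to alerts. Reply STOP to unsubscribe."},
    {"sender": "+15555550100",
     "body": "Reply YES to confirm your visit: https://clinic.example.invalid/a"},
]

if __name__ == "__main__":
    for msg in SAMPLES:
        verdict, reasons = assess(msg, KNOWN)
        print(msg["sender"], "->", verdict, "|", "; ".join(reasons))
```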
Update: E-ZPass Scams and Chinese Phishing Kit
Krebs on Security has reported a surge in E-ZPass and other toll road scam messages, seemingly generated by a Chinese phishing kit.
Researchers noted that the increase in SMS spam aligns with new features added to a well-known commercial phishing kit sold in China, which simplifies the creation of convincing scams that impersonate toll road operators in multiple U.S. states.
Protecting Yourself
Never click on links in emails or messages unless you anticipate them. The best practice is to utilize your bookmarks or enter URLs manually, and do so only if you have genuine reason to believe the message is authentic. When uncertain, verify by contacting the company using known contact details.
Photo: DMN