Kaspersky has revealed a hidden ‘feature’ of Apple iPhones that could let malware get past the built-in protection of the iPhone’s memory. Kaspersky’s Global Research and Analysis Team (GReAT) made the discovery; the feature was compromising iPhone users’ valuable data.

According to a report from BleepingComputer, Russia’s intelligence agency, the Federal Security Force (FSB), has accused Apple of creating a backdoor for the National Security Agency of the United States to use against the Russian government. Moreover, it is possible that this feature was intentionally added to iPhones during the development phase for testing and debugging purposes.

Kaspersky Notified Apple About The Vulnerability Of The Hardware Feature

However, it is also being speculated that this was mistakenly left in the iPhone’s software. Well, whatever the reason for this hidden feature in the iPhones may be, the result is that cybercriminals use this to steal and misuse users’ valuable data.

According to cybersecurity experts, this security issue was noticed in July 2023 and named CVE-2023-38606. The problem affected iPhone users who were using iOS versions up to 16.6. The cybersecurity experts also said that the hidden feature of iPhones allowed the attackers to bypass the built-in protection.

The feature might have been put there for testing or fixing problems, but there is no official information about it in the public domain. This lack of information about the features of iPhones made it tough for Kaspersky’s Global Research and Analysis Team to spot and understand the issue.

According to Kaspersky, the attackers used this hidden feature to get around the protection built into the hardware and tamper with important parts of the iPhone’s memory. That memory was supposed to be super secure, but unfortunately, attackers have unlocked a backdoor to it.

Researchers from Kaspersky had to do some tricky work to find and fix the problem in the iPhone devices. They reverse-engineered the device to find and understand the problem, focusing on Memory-Mapped IO (MMIO) addresses, which the CPU uses to communicate with other hardware components.

Researchers found that the attackers were using secret Memory-Mapped IO (MMIO) addresses to bypass the device’s protection. As a result, Kaspersky’s research team had to go through hardware (the physical parts), firmware (the device’s software), and kernel images (the core of the operating system) to uncover clues and solve the mystery.

According to Boris Larin, this is not an ordinary issue, and because iPhones have a closed system, finding and fixing this issue was tough and took a lot of time. Boris Larin also said that the problem required a deep understanding of hardware and software to be identified and fixed. Boris Larin is the Principal Security Researcher at Kaspersky’s Global Research and Analysis Team (GReAT).

Moreover, Boris highlighted the crucial lesson learned from this experience and said that even advanced protection in the physical parts can sometimes not work against smart attackers. According to Boris Larin, researchers have to make continuous efforts to explore and understand potential vulnerabilities in complex systems like iPhones.

Moreover, even if there are lots of protections in the hardware, they won’t work well if some features are hidden and not documented, because such features can allow attackers to bypass those protections.

The vulnerability CVE-2023-38606 played an important role in ‘Operation Triangulation’, which allowed attackers to get into specific devices, put spyware on them, and secretly check out and misuse users’ data.

Kaspersky informed Apple about how attackers were utilizing the hidden features of iPhones, and the company was quick to solve the problem. Cybersecurity experts are working hard to protect people from cyber attacks, but attackers are finding different ways to fulfill their intentions.

