Security News > 2021 > January > Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System
In an effort to prevent attacks from being launched via its iMessage feature, Apple has debuted a security service called BlastDoor in iOS 14, its current mobile operating system version.
The service comes on the heels of a recently uncovered iMessage zero-click exploit, which was being leveraged in an espionage attack against Al Jazeera journalists and executives.
In iOS 14, this process has been moved to the new BlastDoor service.
"While these notifications may simply be used for statistical purposes, they would also give Apple a fairly clear signal about attacks against iMessage involving brute-force and a somewhat weaker signal about any failed exploits against the BlastDoor service."
Second, the BlastDoor and imagent services are now subject to a newly introduced "Exponential throttling mechanism" enforced by launchd, Apple's operating system service management daemon.
Groß applauded Apple's offensive security work reflected in the recent changes, particularly for its impact against message-based zero-click attacks.
News URL
https://threatpost.com/apple-ios-imessage-blastdoor/163479/
Related news
- Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks (source)
- Apple: Mercenary spyware attacks target iPhone users in 92 countries (source)
- Apple stops warning of 'state-sponsored' attacks, now alerts about 'mercenary spyware' (source)
- Apple Alerts iPhone Users in 92 Countries to Mercenary Spyware Attacks (source)
- Apple backports fix for RTKit iOS zero-day to older iPhones (source)
- Apple backports fix for zero-day exploited in attacks to older iPhones (source)
- Apple backports iOS zero-day patch, adds Bluetooth tracker alert (source)
- Apple and Google add alerts for unknown Bluetooth trackers to iOS, Android (source)