Findmypwn

Vulnerability updated 7 months ago (2024-05-05T01:18:04.045Z)
FINDMYPWN is a zero-click exploit that was used against iOS 15 starting from June 2022. This two-step vulnerability targets the iPhone's Find My feature and iMessage, allowing for unauthorized access and control of the device. It has been observed being deployed as zero-days against iOS versions 15.5, 15.6, and 16.0.3. In 2022, there were at least two recorded instances of devices being infected by the FINDMYPWN exploit. However, it remains unclear which specific security vulnerabilities FINDMYPWN has been exploiting, though it may be related to CVE-2022-42827, a remote code execution bug in the OS kernel.

The surveillance firm also used another zero-click exploit, dubbed PWNYOURHOME, against iOS 15 and iOS 16. This exploit involves the HomeKit functionality built into iPhones and can operate even if the victim has never configured a "Home" inside HomeKit. A third zero-click exploit, LATENTIMAGE, was active in January 2022 on iOS 15 and might have also involved the iPhone's Find My feature, but it represents a different exploit chain than FINDMYPWN.

Citizen Lab's investigation concluded that NSO Group's Pegasus spyware continues to pose a threat as their attack techniques evolve. PWNYOURHOME and FINDMYPWN are the first observed zero-click exploits that utilize two separate remote attack surfaces on the iPhone. Despite these threats, the exact security vulnerabilities exploited by FINDMYPWN remain uncertain, necessitating further research and analysis to develop effective countermeasures.
Description last updated: 2024-05-05T00:29:04.860Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Alias: Pwnyourhome
Description: Pwnyourhome is a possible alias for Findmypwn. The "PWNYOURHOME" vulnerability is a significant flaw in software design or implementation that was used against iPhones running iOS 15 and iOS 16 starting in October 2022. Identified by Citizen Lab, it is one of three zero-click exploits that were used to deploy the Pegasus spyware on target iPhone
Votes: 3
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Exploit
iOS
iMessage