Zero-click attacks: The stealthy cyber threat demanding a new defence strategy
Nowadays, the popularity of various forms of communication presents a convenient pathway for cybercriminals to conduct their activities. Sending messages is easy, and human mistakes can help facilitate the next steps of the attack. Nevertheless, user error isn't a prerequisite for a successful assault. This is why zero-click attacks have become an effective weapon for cybercriminals.
10:29 AM EST, January 23, 2024
"Cybercriminals can spread malicious software thanks to these attacks, even without any errors on the part of the user," says Kamil Sadkowski, an analyst at the Eset antivirus lab. This cybercrime is much more sophisticated than common phishing messages filled with glaring and, at times, comical grammatical errors. With zero-click attacks, it's challenging to realize when an attack is happening," he admits.
Understanding "zero-click" attacks
Rather than relying on user interaction, like opening an infected attachment or clicking a suspicious link, zero-click attacks exploit security vulnerabilities in various apps, including those used for sending SMS or emails. If an application contains an unpatched flaw, the attacker can manipulate its data. Cybercriminals can hide malicious code in images or text messages transmitted to users.
Because no interaction with the victim is needed, harmful activity is more challenging to detect. This opens the door to installing spyware, stalkerware, and other forms of malware. Criminals can also track and collect data from the affected device.
In 2019, for instance, a vulnerability was discovered within the WhatsApp app that allowed a zero-click attack. A simple unanswered call enabled not just the exploitation of a flaw in the app's code but also the infection of the device with spyware. Fortunately, the app's developers were able to patch this flaw quickly.
Is protection against "zero-click" possible?
Protecting against zero-click attacks has become a focus for more companies. For instance, Samsung phones offer a feature named Samsung Message Guard, designed to reduce the risk posed by unseen threats hidden in graphic attachments. Samsung Message Guard scrutinizes files bit by bit and processes each in a controlled environment, separated from the rest of the operating system - a method similar to many modern antivirus solutions.
Apple also offers a solution aimed at safeguarding users against zero-click attacks. Its BlastDoor feature scrutinizes data in iMessage and prevents messages from interacting with the operating system. This protection was introduced after a security flaw in iMessage was discovered. This flaw was exploited to install spyware on public figures' devices, primarily politicians and activists. Criminals were able to eavesdrop on calls, read messages, access passwords, track the device's location, and gain control over microphones and cameras.
"Despite existing security measures, we must stay alert. Even if we utilize protective solutions, our phones may still have security vulnerabilities. This is especially relevant for phones with out-of-date software," cautions Kamil Sadkowski from Eset.
Important precautions:
- Consistently update your devices and apps.
- Purchase phones from brands renowned for regular security updates and with a commendable reputation.
- Only download apps from official stores, such as Google Play or Apple App Store, as they rigorously vet their offerings for potentially harmful elements.
- Delete apps that you're not actively using.
- Regularly back up your device's data to ensure you can recover it if it needs to be restored to factory settings.
- Implement a mobile antivirus solution to increase your device's security.