Spyware Fighters Fear Future Zero-Day Attacks Through Ads

Estimated read time 2 min read


Could advertisements be the next gateway for infecting smartphones with spyware? This is the chilling prediction from Bill Marczak of Citizen Lab. He urges iPhone users to enable Lockdown Mode, a feature that can thwart attacks costing up to $20 million.

Key PointsDetails
Growing ThreatsSmartphones increasingly targeted
Zero-Day CostsUp to $20 million for exploits
Ad-Based AttacksSpyware through targeted ads
Protection MeasuresDelete unused apps, enable Lockdown Mode
Key points

A Growing Threat Landscape

Smartphones have increasingly become the target of choice for commercial spyware vendors. These vendors argue that their spyware helps law enforcement track down terrorists and criminals. Yet, it often ends up targeting journalists, activists, and political dissenters.

Citizen Lab, a part of the University of Toronto, has been at the forefront in the fight against commercial spyware. They have discovered multiple zero-day vulnerabilities, enabling software vendors to fix the issues.

Zero-Day Attacks Through Ads
Zero-Day Attacks Through Ads

Skyrocketing Prices for Zero-Day Exploits

In a recent presentation at the IMEDD International Journalism Forum 2023, Marczak revealed that amounts up to $20 million are now being paid for zero-day exploits. These vulnerabilities can compromise smartphones remotely. Most attacks require the target to click on a malicious link. However, ‘zero-click’ attacks, requiring no user interaction, are also becoming more prevalent.

The Advertisements Angle

A report from Israeli newspaper Haaretz disclosed that local ‘cyber companies’ have developed technology to spread spyware through ads1. This approach leverages the targeted nature of modern advertising. While cybercriminals have abused this in the past, spyware vendors are now entering this realm.

“This technology is not just being developed by Israeli firms but is appearing on the horizon and may already be happening,” Marczak commented. He expressed concerns over the hard-to-detect nature of these ad-based attacks, as well as ongoing zero-click attacks.

How to Protect Yourself

Marczak suggests deleting unused chat apps that could serve as an attack vector. For iPhone users, enabling Apple’s Lockdown Mode is highly recommended. This mode limits certain functionalities, reducing the surface area for attacks. Recent exploits by the NSO Group, which used Pegasus spyware, were ineffective against iPhones in Lockdown Mode.

The evolution of spyware attacks is alarming, with advertisements becoming a potential new vector. Taking precautionary measures, such as enabling Lockdown Mode on iPhones, is more crucial than ever. As technology advances, so does the ingenuity of attackers—staying one step ahead is our best defense.

  1. https://www.haaretz.com/israel-news/2023-09-14/ty-article-magazine/.highlight/revealed-israeli-cyber-firms-developed-an-insane-new-spyware-tool-no-defense-exists/0000018a-93cb-de77-a98f-ffdf2fb60000 ↩︎
Reza Rafati https://cyberwarzone.com

Reza Rafati, based in the Netherlands, is the founder of Cyberwarzone.com. An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author

+ There are no comments

Add yours