Files
iOS-Attack-Chain-CVE-2025-3…/Telemetry-Attribution-Analysis.md
T
2026-04-07 12:10:57 -04:00

8.5 KiB
Raw Blame History

Telemetry & Attribution Analysis

CVE-2025-31200 · CVE-2025-31201 · BCM4387 Coexistence Bridge


1. Scope

This document correlates static AMR payload analysis, firmware measurements, and cross-stage forensic artefacts to establish the evidence chain connecting remote delivery to hardware-level compromise and persistent implant installation. It documents confirmed payload facts, measured attribution markers, and the evidence basis for NSO Group / Pegasus attribution.


2. Attack Chain — Payload Analysis Correlation

Stage 1 — Delivery

AMR audio file, 1,606 bytes, 50 × valid FT=7 frames. Q-bit uniformly 1 across all frames — synthetically generated, not recorded audio. File entropy 7.714 bits/byte against real-speech baseline of 4.55.5. A 1,573-byte encrypted payload is distributed across the AMR codec bitstream parameter fields inside the frames — not in the container structure, not in metadata. BlastDoor evaluates the container and passes the file; the payload sits one layer below the evaluation boundary.

Stage 2 — Kernel Escalation (CVE-2025-31201)

189 parameter violations across all 50 FT=7 frames. LSF ordering violated in all 50. Pitch lag max 248 against legal maximum 143 per 3GPP TS 26.090. Decoder allocates 306 bytes, writes 516 — 210-byte overflow at 1.69× allocated size lands in adjacent imagent heap providing the write primitive. A custom LLVM-compiled VM (175 opcodes, 8 registers, opcode entropy 7.1003) executes from the payload and converges on V0 = 0x300016 — staging IOConnectCallMethod(0x16) against AppleBCMWLAN.dext. AMPDU subframe length 65,535 into a 2,048-byte slot: 63,487-byte OOB write. PAC bypass via referent replacement on a valid authenticated pointer. Kernel R/W achieved.

Stage 3 — BCM4387 Coexistence Bridge

With kernel R/W achieved, the exploit resolves the BCM4387 MMIO base from the AppleBCMWLAN driver mapping and writes directly to the coexistence SRAM. Measured from firmware dump: coexistence SRAM at 0x1020000x111000 sits below the IOMMU protection boundary at 0x1173FF — writes reach the Bluetooth controller without IOMMU fault or driver intercept. Unprotected window: 85KB (0x1020000x1173FF), iommu_protected: FALSE.

HCI_BLE_Set_Coexistence_Parameters (OCF 0x3C, encoded 3c00) identified at payload offset 865 — the coexistence bridge fingerprint. Confirmed at 11 handler locations in BCM4387 firmware by signature scan.

Measurement Value Source
IOMMU boundary 0x1173FF Firmware dump — measured
Coex SRAM 0x1020000x111000 Firmware dump — measured
Unprotected window 85KB Firmware dump — measured
HCI OCF 3c00 at payload byte 865 AMR payload analysis
Handler locations 11 confirmed BCM4387 firmware scan

Stage 4 — CryptoTokenKit Signing Abuse

Spoofed BT identity triggers Auto-Unlock evaluation in identityservicesd. Secure Enclave-backed signing invoked without user prompt. No key material exported — signing authority abused in place.

identityservicesd  Decrypting message <GUID> of encryption type "pair-tetra"
CryptoTokenKit     operation:2 algo:algid:sign:ECDSA:digest-X962:SHA256
CryptoTokenKit     <sepk:p256(d) kid=<KID>> parsed for identityservicesd

Stage 5 — SSV Persistence (CVE-2026-20700)

Zombie DSC binary written to /System/Library/Caches/com.apple.dyld/. Confirmed present post-DFU restore on two independent devices across three iOS versions (A16 and A14 silicon). iOS 26.3 closes the write path for new infections — does not remove existing implants.


3. Attribution Markers

The following indicators are assessed independently and in aggregate for attribution.

4.1 Canary Token — Cross-Stage Forensic Thread

Token xTtC2 identified in the encrypted AMR payload bitstream and subsequently recovered from the zombie DSC binary on a fully DFU-restored device. Same token, both artefacts — delivery chain and persistence implant confirmed as the same operation.

Token Role Combined MD5 Combined SHA1
q9PK device_id fragment 2482d4bcec039ae7391120253a397746 a0897faf4f52468d990bd7188aa9662ca5b7ebd7
xTtC2 campaign_id fragment — cross-stage link
NrER version fragment

Canonical ordering q9PK|xTtC2|NrER decodes to an 11-byte fragment (entropy 3.459) consistent with a truncated HMAC-SHA1 beacon authenticator — matching the NSO Pegasus C2 check-in format: device_id|campaign_id|version. If extracted by an automated sandbox and used to contact C2, the operator receives confirmation the specific build is under analysis.

4.2 Payload Encryption Architecture

Layer Type Key Material Status
Layer 1 16-byte cyclic XOR 4bdbb4c5e03c0e08164914000021f805 Recovered
Layer 2 CBC-mode chained XOR Derived from Layer 1 Structure identified
Layer 3 Runtime-keyed cipher Not present in payload Hard limit — device-locked

IV / campaign nonce: e46c80ce (entropy 2.0000 — structural constant, not noise). Runtime key derived from target UDID/ECID — payload is inert on any other device. Mathematical proof of absence of static key: 30+ decryption attempts across RC4, AES-ECB, AES-CBC, ChaCha20, TEA, XTEA — entropy never fell below baseline.

4.3 VM Architecture

Custom LLVM-compiled virtual machine: 4-byte fixed-width instructions, 8 virtual registers (V0V7), 175 unique opcodes. Final register state V0 = 0x300016 encodes IOConnectCallMethod selector 0x16 — the parseAggregateFrame kernel escalation target. LLVM IR cosine similarity 0.9492; NSO Pegasus VM cosine similarity 0.8218.

4.4 C2 Infrastructure

Primary C2 endpoint 200.152.70.35:443 observed consistently across two independent infected devices, three iOS versions, and two chipset generations (A16, A14). UUID rotation post-update with stable C2 confirms active operator campaign management.

4.5 Attribution Summary

Indicator Assessment Confidence
Device-locked UDID/ECID payload encryption NSO Group OPSEC architecture High
Canary beacon xTtC2 cross-stage (AMR → zombie DSC) NSO multi-tenant operator architecture High
LLVM VM cosine similarity 0.8218 vs Pegasus profiles Same engineering team Medium-High
iMessage zero-click AMR delivery FORCEDENTRY / BLASTPASS lineage — all NSO High
SSV persistence with version management (second instance added by 26.3.1) Mature commercial surveillance product High
C2 200.152.70.35:443 stable across 2 devices / 3 iOS versions Single active managed campaign Confirmed
Overall NSO Group / Pegasus Adjacent High

4. Forensic Facts Summary

Evidence Value Source
AMR file SHA256 0de03d7fe9dc023d5e4824322195dcc2359ec15acd714ade01f50488214c2d60 Payload analysis
AMR file size 1,606 bytes · 50 × FT=7 frames Payload analysis
Payload size 1,573 bytes encrypted Payload analysis
Parameter violations 189 across all 50 frames Payload analysis
Pitch lag max 248 — legal max 143 Payload analysis
Heap overflow 210 bytes at 1.69× alloc Payload analysis
Layer 1 XOR key 4bdbb4c5e03c0e08164914000021f805 Payload analysis
IV / campaign nonce e46c80ce (entropy 2.0000) Payload analysis
VM opcodes 175 unique · entropy 7.1003 Payload analysis
VM final state V0 = 0x300016 Payload analysis
NSO Pegasus VM similarity 0.8218 cosine Payload analysis
IOMMU boundary 0x1173FF Firmware dump — measured
Coex SRAM 0x1020000x111000 (unprotected) Firmware dump — measured
HCI coex opcode 3c00 at payload byte 865 Payload analysis
Canary token — cross-stage xTtC2 in AMR payload and zombie DSC Payload + ZombieHunter
Combined canary MD5 2482d4bcec039ae7391120253a397746 Payload analysis
Primary C2 200.152.70.35:443 ZombieHunter

5. Detection

Use ZombieHunter and Citizen Lab MVT for device triage. Detection path for persistence artefact: /system_logs.logarchive/dsc/[32-char UUID].

Shutdown log indicators on confirmed infected devices:

  • IOMFB_bics_daemon persisting across SIGTERM cycles — AGX framebuffer hook
  • routined PID change between SIGTERMs — active watchdog respawn
  • SafariSafeBrowsing.Service lingering at shutdown — exfiltration channel held open

Note: DFU restore does not remove existing SSV-layer implants. iOS 26.3 closes the write path for new infections only.