Exploit Chain

10th January 2020 | Cybrary Exploit Chain


An Exploit Chain is an attack that involves multiple exploits or attacks that are chained together to fully compromise a device. In these attacks, Hackers cannot use a single exploit to compromise their target but instead can combine a series of exploits that ultimately lead to malware getting installed on a smartphone (iOS or Android) which can lead to the loss of critical and sensitive data.  In the cases described in the video below, the websites visited by unsuspecting users contain a variety of attacks which when chained together can compromise the smart phones targeted.

How do I protect myself?

There are a few strategies you can employ to protect yourself from these chained exploits including:

  1. Patch your iOS/Android device to the latest version of vendor OS for the best chance of protection based upon Apple and Android fixing these things without publicly disclosing them to the public.
  2. Reboot your phone.  These exploit chains in their current incarnation was only valid while the device was live after visiting the malicious website.  Rebooting the device reverted to a pristine OS.

Related Terms: Attack, Exploit, Hacker

Source: Chained Exploits, Andrew Whitaker

Additional Reading:

A very Deep Dive into Exploit Chaining (Google’s Project Zero)

yCombinator Exploit Chaining Article

A Deep Dive into iPhone Exploit Chaining (a 40 min. video)

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

The Ransomware an AI Model Built Without Trying

The Ransomware an AI Model Built Without Trying

Researchers went looking for a fake photo upscaler and found something stranger: a ransomware kit an AI model...

Read more
CyberHoot Goes Fully Passwordless: Native Passkey Support Arrives for Administrators

CyberHoot Goes Fully Passwordless: Native Passkey Support Arrives for Administrators

For four years, CyberHoot has argued the same thing on its blog: passwords are major weak link. They get reused,...

Read more
Don’t Score an Own Goal: Outsmart World Cup 2026 Scams

Don’t Score an Own Goal: Outsmart World Cup 2026 Scams

The 2026 FIFA World Cup kicked off on June 11th across the United States, Canada, and Mexico. Six million fans...

Read more