Google reveals two-year old ‘indiscriminate’ iPhone hack

This iPhone hack was planted in websites which allowed hackers to access photos, user locations and even encrypted messages on WhatsApp, Telegram and iMessage.

By: AGENCE FRANCE-PRESSE
| Updated on: Aug 20 2022, 16:41 IST
Google’s Project Zero discovers iPhone hack.
Google’s Project Zero discovers iPhone hack. (REUTERS)

Google security experts uncovered an "indiscriminate" hacking operation that targeted iPhones over a period of at least two years and used websites to implant malicious software to access photos, user locations and other data.

In a post Thursday on the blog of Google's Project Zero security taskforce, cyber experts did not name the hacked websites hosting the attacks, but estimated they received thousands of visitors a week.

You may be interested in

MobilesTablets Laptops
Apple iPhone 15 512GB
  • Black
  • 6 GB RAM
  • 512 GB Storage
37% OFF
Google Pixel 7 Pro 5G
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
7% OFF
Google Pixel 7 5G
  • Obsidian
  • 8 GB RAM
  • 128 GB Storage
11% OFF
Google Pixel 7A
  • Charcoal
  • 8 GB RAM
  • 128 GB Storage

"Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant," said Project Zero's Ian Beer.

Also read
Looking for a smartphone? To check mobile finder click here.

Once installed, the malicious software "primarily focused on stealing files and uploading live location data," Beer said, adding it had been able to access encrypted messenger apps like Telegram, WhatsApp and iMessage.

Google Hangouts and Gmail had also been affected, he added in the post, which provided a detailed breakdown of how the malicious software targeted and exploited iPhone vulnerabilities.

Most of the vulnerabilities targeted were found in the iPhone's default Safari web browser, Beer said, adding that the Project Zero team had discovered them in almost every operating system from iOS 10 through to the current iOS 12 version.

Once embedded in a user's iPhone, the malicious software sent back stolen data, including live user location data back to a "command and control server" every 60 seconds.

Beer said Google had informed Apple of the attacks in February, and Apple subsequently released a security patch for the iOS 12.1.

Long the driver of Apple's money-making machine, iPhone revenue overall was down 12 percent from last year to $26 billion.

The tech giant sent out invitations on Thursday to a September event at its Silicon Valley campus where it is expected to unveil iPhone 11.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 30 Aug, 13:37 IST
NEXT ARTICLE BEGINS