Google experts have reported one of the largest cyberattacks in the history of iPhone owners.According to them, attackers hacked a number of sites and with their help infected iOS devices with malware.
“Earlier this year Google’s Threat Analysis Group (TAG) discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day“, — report Google researchers.
Vulnerabilities, like the malicious campaign itself, have not been known for several years.
As part of a malicious operation, unknown hacked sites whose audience totaled several thousand users per week. The victims only had to go to a compromised resource, and malware was immediately downloaded onto their iPhone. Clicking on site elements or scrolling pages was not necessary.
Malicious software could steal victim’s confidential information, including photos from iMessage and GPS coordinates of the current location. The malware also had access to passwords in Keychain and a database of unencrypted messages in communication services like Google Hangouts and even encrypted messages from WhatsApp and Telegram.
After the iPhone rebooted, malware was deleted, but the device and its owner remained vulnerable to cyberattacks.
In total, Google Threat Analysis Group specialists discovered five separate unique exploits for 14 vulnerabilities, including zero day.
“TAG was able to collect five separate, complete and unique iPhone exploit chains, covering almost every version from iOS 10 through to the latest version of iOS 12. This indicated a group making a sustained effort to hack the users of iPhones in certain communities over a period of at least two years”, — report researchers.
Google experts reported vulnerabilities to Appl in February this year, and the company fixed them with the release of iOS 12.1.4. Vulnerabilities affect all versions of iOS, from iOS 10 to iOS 12.1.2 inclusive.
The reality remains that security protections will never eliminate the risk of attack if you’re being targeted. To be targeted might mean simply being born in a certain geographic region or being part of a certain ethnic group. All that users can do is be conscious of the fact that mass exploitation still exists and behave accordingly; treating their mobile devices as both integral to their modern lives, yet also as devices which when compromised, can upload their every action into a database to potentially be used against them.