Malicious website hack iPhone user information: Google
- 5 years ago
MOUNTAIN VIEW, CALIFORNIA — Google's Project Zero has uncovered a hacking operation in which websites carry malware that steal sensitive data from iPhones if users simply visit the site.
The research, which was made public in a Project Zero blog post, had uncovered a total of 14 different vulnerabilities across different iPhone operating systems from iOS10 to iOS12.
The malicious websites would exploit the server and attack the users' device to install a monitoring implant, according to a blogpost by Project Zero. Once the implant was successfully installed, users had their passwords exposed as well as their chat histories on apps such as WhatsApp, Telegram and iMessage.
Hackers were also able to access a person's contacts, Gmail database and their location.
Google had informed Apple about security issues on its phones, reports the Guardian. Apple then released a new operating system update in which once users updated their iPhones, the malware was removed.
Project Zero did not name the infected websites or the number of victims of the attack.
The research, which was made public in a Project Zero blog post, had uncovered a total of 14 different vulnerabilities across different iPhone operating systems from iOS10 to iOS12.
The malicious websites would exploit the server and attack the users' device to install a monitoring implant, according to a blogpost by Project Zero. Once the implant was successfully installed, users had their passwords exposed as well as their chat histories on apps such as WhatsApp, Telegram and iMessage.
Hackers were also able to access a person's contacts, Gmail database and their location.
Google had informed Apple about security issues on its phones, reports the Guardian. Apple then released a new operating system update in which once users updated their iPhones, the malware was removed.
Project Zero did not name the infected websites or the number of victims of the attack.