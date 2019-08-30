Companies / Telecoms & Technology

Google uncovers iPhone hacking operation

Malicious software ‘primarily focused on stealing files and uploading live location data’

30 August 2019 - 11:02 Agency Staff
Washington — Google security experts uncovered an “indiscriminate” hacking operation that targeted iPhones over a period of at least two years and used websites to implant malicious software to access photos, user locations and other data.  

In a post on Thursday on the blog of Google’s Project Zero security task force, cyber experts did not name the hacked websites hosting the attacks, but estimated they received thousands of visitors a week.

“Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant,” said Project Zero’s Ian Beer.

Once installed, the malicious software “primarily focused on stealing files and uploading live location data,” Beer said, adding it had been able to access encrypted messenger apps such as Telegram, WhatsApp and iMessage.

Google hangouts and Gmail had also been affected, he added in the post, which provided a detailed breakdown of how the malicious software targeted and exploited iPhone vulnerabilities.

Most of the vulnerabilities targeted were found in the iPhone’s default Safari web browser, Beer said, adding that the Project Zero team had discovered them in almost every operating system from iOS 10 through to the iOS 12 version.

Once embedded in a user’s iPhone, the malicious software sent back stolen data, including live user location data back to a “command and control server” every 60 seconds.

Beer said Google had informed Apple of the attacks in February, and Apple subsequently released a security patch for the iOS 12.1.

Long the driver of Apple’s moneymaking machine, iPhone revenue overall was down 12% from 2018 to $26bn.

The tech giant sent out invitations on Thursday to a September event at its Silicon Valley campus where it is expected to unveil a new-generation iPhone.

Chinese officials demand to examine phones of travellers from Hong Kong

The checks add to signs Beijing is lifting efforts to control the flow of information on the Hong Kong protest amid fears it could inspire similar ...
World
2 weeks ago

How one tech firm's spyware can get all your Apple, Google, Microsoft, Facebook and Amazon data

NSO’s smartphone malware, Pegasus, has apparently evolved to capture the much greater trove of data stored beyond a phone
Opinion
1 month ago

Stalking apps leave victims nowhere to hide

Stalkerware, which treads a fine legal line when it comes to data privacy, has been found on thousands of phones, despite being banned by major app ...
Opinion
1 month ago

