iPhone and iPad users were vulnerable to exploit spanning years, according to Google
British cybersecurity expert Ian Beer, a member of Google’s Project Zero, discovered “booby-trapped” websites which were discreetly implanting malicious software onto iPhones through the Safari application.
Safari is an internet browser permanently installed on all iOS and MacOS devices. According to Google’s analysis, the malicious websites had been visited thousands of times per week, making the potential of successful breaches extremely high.
When successful, the attacks would leave monitoring software on users iPhone devices, giving the hackers access to an enormous amount of user data including contacts, images and GPS location.
According to Mr Beer, there was no “target discrimination”.
“Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant.”
Googles Project Zero taskforce, who work to discover new security vulnerabilities known as ‘Zero-Days’, said they discovered attackers were using 12 separate security flaws in order to hack users iPhones. Most of these flaws were found within the Safari application, which is commonly the default browser on Apple products.
Mr Beer believes the hack will have be running for as long as 2 years. This is because the attackers were able to exploit all versions of iPhones operating system between iOS10 and iOS12. Apple commonly upgrade their operating system every year, meaning devices could have been compromised for as long as 2 years.
Apple did release a patch for these vulnerabilities back in February, however they have refused to comment on whether or not they were aware of users devices being compromised using the flaws found in their Safari application.
iPhones currently using iOS12.4.1 or higher are protected from these vulnerabilities. To remain protected you should keep all of your devices up to date with all the latest software updates to ensure all the latest security patches are in place.
To install the latest version of iOS onto your iPhone, simply go to ‘Settings – General – Software Updates’.