Hackers may have accessed photos, data on iPhones for over 2 years: Google

Topics Apple  | iPhone | Apple Inc

Google security experts uncovered an "indiscriminate" hacking operation that targeted iPhones over a period of at least two years and used websites to implant malicious software to access photos, user locations and other data. 

In a post Thursday on the blog of Google's Project Zero security taskforce, cyber experts did not name the hacked websites hosting the attacks, but estimated they received thousands of visitors a week.

"Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant," said Project Zero's Ian Beer.

Once installed, the malicious software "primarily focused on stealing files and uploading live location data," Beer said, adding it had been able to access encrypted messenger apps like Telegram, WhatsApp and iMessage.

Google hangouts and Gmail had also been affected, he added in the post, which provided a detailed breakdown of how the malicious software targeted and exploited iPhone vulnerabilities.

Most of the vulnerabilities targeted were found in the iPhone's default Safari web browser, Beer said, adding that the Project Zero team had discovered them in almost every operating system from iOS 10 through to the current iOS 12 version.

Once embedded in a user's iPhone, the malicious software sent back stolen data, including live user location data back to a "command and control server" every 60 seconds.

Beer said Google had informed Apple of the attacks in February, and Apple subsequently released a security patch for the iOS 12.1.  

Long the driver of Apple's money-making machine, iPhone revenue overall was down 12 per cent from last year to $26 billion.

The tech giant sent out invitations on Thursday to a September event at its Silicon Valley campus where it is expected to unveil a new-generation iPhone.  



Dear Reader,


Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.

We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

Business Standard is now on Telegram.
For insightful reports and views on business, markets, politics and other issues, subscribe to our official Telegram channel