MobileNews

Google uncovers exploit-laden websites that stole data from iPhones

A small collection of hacked websites targeted iPhones using zero-day attacks for at least a couple of years, Google’s Project Zero team has revealed in a newly published report. The websites don’t even need a user’s input to infiltrate a device: just visiting them is enough to compromise an iPhone. In the case of a successful attack, an implant makes its way to the victim’s device to steal sensitive data like photos and iMessages, as well as to update the attackers on its real-time GPS location.

Motherboard notes that the implant can also infiltrate a user’s keychain and all the passwords in it, as well as the databases for other end-to-end encrypted messaging apps like Telegram and WhatsApp. The Project Zero team discovered a total of fourteen vulnerabilities affecting iPhones running on iOS 10 up to the latest version of iOS 12.

A zero day exploit made use of a vulnerability that wasn’t known to Apple beforehand, so users had no means to be protected from attacks. The good news is that the malware the websites use disappears whenever an infected iPhone gets rebooted. Google also told Cupertino about the issues in February, and the tech giant already rolled out a fix with an iOS 12 update released that month.

Check out the latest Apple iPhones at great prices from Gizmofashion – our recommended retail partner.


Author: Mariella Moon
Source: Engadget


Related posts
AI & RoboticsNews

How Amex uses AI to increase efficiency: 40% fewer IT escalations, 85% travel assistance boost

AI & RoboticsNews

The tool integration problem that’s holding back enterprise AI (and how CoTools solves it)

AI & RoboticsNews

Beyond generic benchmarks: How Yourbench lets enterprises evaluate AI models against actual data

Cleantech & EV'sNews

Hyundai just unveiled its 'Dream Car' — but will it bring the funky Insteroid EV to life?

Sign up for our Newsletter and
stay informed!