Posts Tagged ‘blog post’

‘Visiting hacked site was enough’: Google says it discovered major iPhone security exploits

Posted by RT on August 30, 2019  |   Comments Off on ‘Visiting hacked site was enough’: Google says it discovered major iPhone security exploits

Google’s cyber security team has disclosed what it said were critical vulnerabilities in the iPhone, potentially allowing hackers to access millions of devices over the last two years.

Days after an emergency security patch was rushed out for the latest iPhone operating system (iOS), Google’s Project Zero has claimed that previous iOS versions were susceptible to major intrusions, in some cases letting hackers install “monitoring implants” on devices to steal sensitive information.

Also on rt.com
FILE PHOTO: VP for Apple Pay Jennifer Bailey speaks at a company event in California.
Bad credit: Apple warns its new titanium credit card could be damaged by … pretty much anything

The security researchers found that a “collection of hacked websites” were used to exploit fourteen different vulnerabilities on iPhones running on iOS versions 10 through 12.

“There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant,” wrote Project Zero’s Ian Beer in a detailed blog post.

We estimate that these sites receive thousands of visitors per week.

Beer added that the team’s findings indicate that a group of hackers made a “sustained effort” to breach iPhones over a two year period.

The monitoring implants gave hackers the ability to access everything from images and messages stored on an affected device, apps like Gmail, WhatsApp and Instagram, and highly sensitive information like banking logins and other passwords, potentially leaving customers open to serious identity theft.

While Apple did eventually patch the holes in its iOS update 12.1.4, for years customers were vulnerable to the intrusions, which could still affect users on older devices, or who have not updated their software.

Apple has not yet weighed in on the disclosures.

Also on rt.com
© Phil Noble
Google sued for ‘snooping on iPhone users’: Will 5.4mn Brits get compensation?

Apple is not the only tech firm struggling to protect users’ data. Google itself has come under fire over privacy issues. The company was taken to court in the United Kingdom in 2017 over allegations of illegal data collection that affected up to 5.4 million people, while the operating system on Google’s Android – a major iPhone competitor – was found to collect ten times more user data than Apple’s counterpart. The tech giant also agreed to shell out $22.5 million to the US Federal Trade Commission in 2012 over “misrepresented privacy assurances” to customers.

Also on rt.com
 © Global Look Press/ Rodrigo Reyes Marin
Outcry after study shows Google’s Android collects ten times more data than Apple’s iOS

If you like this story, share it with a friend!

  • Head Office

    AfriSat Investments Ltd Office 113, 2nd Floor, Medine Mews, Chaussee Street, Port Louis, Mauritius
    Telephone : +230 212 99840
    Email : info@afrisatinvestments.com
    Mobile : +27 79 100 4087
    Website : www. afrisatinvestments.com
  • Map

    Click to open larger map