What you need to know
- Google's Threat Analysis Group (TAG) found a number of malicious websites that were being used to attack iPhones.
- The malicious websites were reportedly targeting iPhone users for a period of at least two years.
- iOS vulnerabilities that were being exploited by hackers were patched after Google reported its findings to Apple.
The Project Zero team at Google has announced that it discovered a small collection of hacked websites that were being used to attack iPhones. According to the Project Zero team, merely visiting these hacked websites was enough for the exploit servers to attack the visitor's iPhone.
Google's Threat Analysis Group (TAG) collected a total of five unique iPhone exploit chains, which covered every version from iOS 10 up to the latest iOS 12 version. Once the attackers gained access to a device and a monitoring implant was installed, they could access sensitive information such as the user's photos, messages, location data, and more.
As noted by Motherboard, the attackers could also access the user's keychain, which includes passwords and databases for end-to-end encrypted messaging apps such as WhatsApp and iMessage. Some of the attacks were made using zero-day exploits, which used vulnerabilities that Apple wasn't aware of.
Even though the implants would get removed once an infected iPhone was rebooted, attackers could still access user's accounts and services with the help of the authentication tokens stolen from the keychain. The vulnerabilities were patched after they were reported to Apple by Google in February this year.
You can read more about the five exploit chains that were being used to attack iPhones on the Project Zero blog.
