Man holding Apple iPhone 6

Hackers have been targeting iPhones for years, Google reveals

Image credit: Dreamstime

Writing in a detailed blog post, a Google researcher has said that hackers have been indiscriminately installing ‘monitoring implants’ into iPhones for years.

According to Ian Beer, a researcher for Google’s security research division (Project Zero), hackers were able to gain access through "compromised websites" which attract thousands of visitors every week. In most cases, the vulnerabilities were identified within Apple’s default browser, Safari. Systems from iOS 10 to the current iOS 12 were targeted.

Beer said that Project Zero researchers had identified least five unique exploit chains. Their findings indicated that hackers had sustained efforts to hack as many iPhones as possible over a period of at least two years. During this time, essentially every iPhone was vulnerable.

“There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, to install a monitoring implant,” he wrote in the blog post.

He warned that while the ‘monitoring implants’ are not saved on Apple devices, they can provide further access to hackers when the user visits these sites: “Given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services by using the stolen authentication tokens from the keychain, even after they lose access to the device.”

The malware reportedly accessed apps including WhatsApp, Gmail and Instagram, hoovering up users’ pictures, contacts, login details and other sensitive data.

Google reported the security issues to Apple on February 1 2019. Apple released an update six days later. iPhone users have been advised to ensure that their handsets are running the up-to-date version of iOS to protect against the security flaw.

While Apple has long maintained a good reputation for privacy and security – even refusing to allow the FBI access to a terror suspect’s iPhone due to the risk of compromising other iPhone users in the process – this disclosure comes at a difficult time for the company. Earlier this week, Apple released an emergency iPhone patch, after accidentally reopening a vulnerability in a previous iOS update which left many iPhones vulnerable to ‘jailbreaking’ via malicious apps.

Wicus Ross, a researcher at cyber-security company SecureData, said that users who do not accept OS upgrades or security patches are much more likely to be affected by these attacks, whether they use Apple or Android devices. “If this is true for iOS, then there is a good chance Android devices are also being targeted," Ross said.

"Based on the numbers that we have, it is very likely that a similar campaign targeting Android devices will be much more successful. Our research shows that Android users patch behaviour leaves much to be desired”.

Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.

Recent articles