Were Apple users’ iPhones being hacked for the past two years without them even knowing it? Experts from Google discovered evidence of a mass iPhone hacking attempt that has been silently going on for years.
Apple Security
One of the hallmarks of Apple products, and why so many choose to use them, is the tight security. In fact, earlier this month Apple even offered a $1 million prize to anyone who can hack an iPhone or a Mac. As such, for many years now, the mind-set has been that Apple products are not easily hacked.
However, a recent blog post by a team of Google security analysts revealed evidence of a mass hack that targeted iPhone users. Evidently, researchers discovered that hackers have been using hacked websites to infect and exploit vulnerabilities in iPhones. By simply visiting the websites, the server could attack the device and implant a spyware that would give hackers access to the users’ data including photos, location, contacts, and messages.
In total, the experts found 14 vulnerabilities, half of which related to iPhone’s browser, affecting iOS 10 to iOS 12. They did not, however, name the affected websites.
Mass iPhone Hack
Even more concerning is that the hack had apparently been going on for years. According to the researchers, evidence suggests that a group had been making sustained efforts to hack iPhone users for at least two years, and experts believe that this is not the work of an ordinary hacker. That said, Ian Beer of Google’s Project Zero describes the attempted mass hack as a failure, and Apple immediately rolled out an update to fix the flaws after they were informed of the findings back in February.
“Let’s also keep in mind that this was a failure case for the attacker: for this one campaign that we’ve seen, there are almost certainly others that are yet to be seen,” Beer said. “All that users can do is be conscious of the fact that mass exploitation still exists and behave accordingly; treating their mobile devices as both integral to their modern lives, yet also as devices which when compromised, can upload their every action into a database to potentially be used against them.”
Whether any data was actually stolen as well as the number of affected users remains unclear, but the researchers estimate that the hacked websites receive thousands of visitors every week. As such, it is even more important to be wary and careful of how devices are used every day.