Security Flaw iPhone- Smartphone security is having a rough week, as Google researchers discovered an “unprecedented” iPhone hacking enterprise that saw thousands of users per week affected by the operation.
There’s no denying that the tech industry is in a bit of a security crisis at this point in history. Hacks and breaches are compromising our personal information on what feel like a daily basis, and tech companies aren’t making a huge effort to put a stop to it. Heck, Google experienced its own malware problem earlier this week, and innovative malware practices are making headlines regularly.
Now, Google researchers have announced that a substantial malware attack likely affected scores of iPhone users just for visiting a few suspect websites.
What Did Google Research Find?
Project Zero, an internal team at Google composed of white-hat hackers looking for gaps in consumer tech security, discovered the vulnerability earlier this year. They found that the hackers used a small network of websites to deliver malware to iPhone users that visit them.
The breach gave hackers access to chat history on apps like WhatsApp and iMessage, as well as location information, Gmail databases, address books, and keychains, which house passwords to a wide range of other accounts.
Fortunately, Project Zero alerted Apple of the issue in February and a security update was installed less than a week later. Unfortunately, according to some of the members of Project Zero, it might be too little too late.
“Given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services by using the stolen authentication tokens from the keychain, even after they lose access to the device,” said Ian Beer, a security researcher at Google, to The Guardian.
Were All iPhones Affected?
This is perhaps one of the more unsettling aspects of this story. The hacking operation was not only successful at gleaning all that personal information, but it was also able to access a surprisingly vast number of iPhones, with some practices even affecting completely up-to-date models.
To make matters worse, iPhone users didn’t even have to interact with the malicious websites to be affected by the hack. If you simply visited one of these websites while using your iPhone, your device was immediately compromised. Fortunately, the hack wasn’t too persistent, as a mere restart could wipe the malware from the device, but as Beer pointed out, the damage may have already been done.