Set as Homepage - Add to Favorites

【Chris Cassidy Archives】

Source:Unobstructed Information Network Editor:Social Good Time:2025-06-26 07:41:58

In what's being touted as potentially one of the biggest attacks on Chris Cassidy ArchivesiPhone users ever, Google has revealed that a collection of websites were hacked to deliver malware onto iPhones, with the iOS vulnerabilities involved going unchecked and undiscovered for years -- as well as subsequent attacks.

The hacks installed zero-interaction malware into unnamed sites that received thousands of visitors every week. Simply visiting the sites, without clicking or scrolling at all, could deliver a monitoring implant onto users' iPhones.

Google demonstrated that the implant could "steal private data like iMessages, photos and GPS location in real-time"; it also had access to users' keychains and password data, as well as database files containing plaintext of messages sent and received in messaging apps such as Google Hangouts, and even end-to-end encrypted apps including WhatsApp, iMessage, and Telegram.

The malware would be wiped if the iPhone was rebooted, but any sensitive information obtained during the infection could still leave the device, its user, and their online life vulnerable to attack.

SEE ALSO: Apple will announce new 'iPhone 11' and 'iPhone 11 Pro' on September 10

While the choice of sites appeared designed to target certain communities, the attack was otherwise indiscriminate.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

Google's security research initiative Project Zero posted a "very deep dive" detailing the exploits, which their Threat Analysis Group discovered and disclosed to Apple in Feb. 2019.

The team found five "separate, complete and unique" exploit chains using 14 vulnerabilities. Several were zero-day, meaning Apple was unaware of them at the time of Project Zero's discovery; Apple patched these within the seven-day deadline Google gave in iOS 12.1.4, the same Feb. 7 update that patched the infamous Group FaceTime vulnerability.

The exploits date back to iOS 10 and through updates of iOS 12.1.2, encompassing "almost every version" in that timeframe.

The number of Apple exploits discovered appears to have risen sharply over the past year. At the end of July, Project Zero revealed six zero-interaction security bugs that could be exploited through iMessage, only five of which Apple had managed to patch by the time the Google team revealed them. And in August, news broke of the SQLite vulnerability, as demonstrated at DEFCON 2019 using the iOS Contacts app, as well as the vulnerability to the Bluetooth-based "KNOB" attack that affected every iPhone and iPad.

Mashable has contacted Apple for comment.

Featured Video For You
Apple to sue Corellium over ‘illegal replication’ of iOS

Topics Cybersecurity

Previous:Today's Hurdle hints and answers for May 5, 2025

Next:Big-League Bluster

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

Best Black Friday deals: Save up to $1,900 at SamsungBest Cyber Monday mattress deals 2024: Save big on top brandsBest Black Friday deals on books at Walmart, AmazonCanadian publishers take OpenAI to courtBest Cyber Monday printer and scanner deals: Save up to 55% on Epson, Canon, HP, moreThe Best Black Friday 2024 Kindle deals to shop heading into Cyber MondayNYT Connections hints and answers for December 1: Tips to solve 'Connections' #539.Best Cyber Monday noiseShop the best Black Friday deals under $50 before they're goneBest Cyber Monday tablet deals 2024: More than just iPadsBest Black Friday deals 2024 still live: Shop Amazon, Best Buy, Target, moreShop the best Cyber Monday deals under $50 before they're goneI can't stop thinking about these 4 Black Friday laptop deals — and they're still liveBuy two Echo devices and save $5 for Cyber Weekend'Sonic X Shadow' Black Friday deal: 40% off at AmazonBest Cyber Monday TV deals at Amazon: TVs start at $79.99Best Black Friday gift card deals: DoorDash, Instacart, Hulu, live at Amazon, Best Buy, and moreWalmart Cyber Monday deals 2024: Shop 125+ dealsThe best Dyson Supersonic dupes we've tested are all on sale for Black Friday 2024Best Black Friday Sonos deals: Era 300, Ace, Beam at record lows Little boy walks dog in astronaut costume, becomes instant Photoshop battle star Samsung opens pre How to host a virtual New Year's Eve party How to connect and use PS4 and PS5 controllers on your PC Retired couple that cosplays together is the very definition of relationship goals Woman covers entire face with pink glittery poster paint and you know what happens next How Big Tech failed to stop misinformation in 2020 Nicki Minaj dropped Seth Rogen’s name in a verse and he lost his mind 10 of the most anticipated TV shows to watch in 2021 'Wonder Woman 1984' has a musical connection to 'Batman v Superman' Steve Trevor's return in 'Wonder Woman 1984' raises some questions Refresh your winter nest with up to 50% off Cost Plus World Market furniture 2020 was the year activists mastered hashtag flooding This Forever 21 shirt looks just like another shirt designed to benefit Planned Parenthood Dog and kitten are the epitome of friendship goals How to plan for 2021 after saying good riddance to 2020 15 movies we can't wait to see in 2021 Apple bans app that promoted secret parties during pandemic Mira Nair's 'A Suitable Boy' is a visual feast set in post Tesla drivers can set their horn to fart sounds — or record their own

2.5121s , 8224.125 kb

Copyright © 2025 Powered by 【Chris Cassidy Archives】,Unobstructed Information Network  

Sitemap

Top

Quick Links