iPhones hacked by malicious websites

News
By
published

Google researchers find range of flaws leaving users open to attack

(Image credit: Shutterstock.com)

The security of iPhones  has been called into question after researchers discovered that Apple's mobile devices could be at risk of hijacking.

A report from Google's Project Zero security team discovered a number of malicious websites were able to hack into a victim's iPhone without them knowing, infecting the devices with malicious software that was able to data such as contact info, media files and even GPS location.

Hackers would be able to exploit a number of previously unknown software flaws to quietly take over a victim's device, with versions of iPhone software up to and including iOS 12 affected.

Indiscriminate

Outlining the "indiscriminate" attack in a blog post, Google's researchers warned that victims could be affected by the flaws thanks to the "sustained effort" of the hackers.

“Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant,” Project Zero researcher Ian Beer wrote.

Five distinct iPhone exploit chains comprising fourteen seperate flaws were discovered by the researchers, including seven for the iPhone's Safari web broswer. 

Once infected, hackers could also detect what apps the user had installed, hoovering up data from popular services such as Instagram, WhatsApp and Telegram, as well as Google products such as Gmail and Hangouts.

The vulnerabilities were exploited after the victim visited any of a small collection of hacked websites uncovered by Google's Threat Analaysis Group. These sites were used in a so-called 'watering hole' attack which caused the infected device to visit certain sites up to thousands of times per week for a period of at least two years.

Google's team reported the flaws to Apple earlier this year, with the flaws being patched in the release of iOS 12.1.4 on February 7th, however Beer noted that this could only be one of many attacks against iPhone software.

"Keep in mind that this was a failure case for the attacker," he noted, "for this one campaign that we’ve seen, there are almost certainly others that are yet to be seen."

TOPICS
Mike Moore
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Latest in Phone & Communications
ThinkPhone 25 by Motorola
I reviewed the ThinkPhone 25 by Motorola and while it's not as fast as its predecessor, it's the superior phone in so many ways
FRITZ!Box 7690 WiFi 7 Router
FRITZ!Box tries to embrace both business and home customers with its new 7690 router
Ulefone Armor Pad 4 Ultra Thermal
Other than screen reflection, I’m still looking for the downside to the Ulefone Armor Pad 4 Ultra Thermal tablet
Unihertz Tank Pad 8849
Carrying the Unihertz Tank Pad 8849 provided me with a full workout
Doogee Fire 6
The Doogee Fire 6 is another rugged retro SoC phone that fails to justify its cost or your interest
AGM H Max
AGM H Max rugged phone review
Latest in News
Q Acoustics Q SUB80, QSUB100 and QSUB120 subwoofers
Q Acoustics wants to bring the bass to your post-Oscars movie catch-up
Hospital
Major Oracle outage hits US Federal health record systems
Samsung Galaxy A56 display
Samsung’s new budget handsets are getting One UI 7 before the Galaxy S24 Ultra, and I’m as confused as you are
iPad Pro 13-inch 2024 on a table
The OLED iPad Pro is reportedly less popular than expected – and that could mean these changes to Apple's OLED iPad plans
Sam Porter cradles a baby
Death Stranding 2: On the Beach trailer confirms June release date and an even more harrowing post-apocalyptic world
The Ray-Ban Meta Coperni smart glasses
The new Ray-Ban Meta smart glasses design is an expensive disappointment
More about phone communications
ThinkPhone 25 by Motorola

I reviewed the ThinkPhone 25 by Motorola and while it's not as fast as its predecessor, it's the superior phone in so many ways
FRITZ!Box 7690 WiFi 7 Router

FRITZ!Box tries to embrace both business and home customers with its new 7690 router
Bluetooth

Top Bluetooth chip security flaw could put a billion devices at risk worldwide
See more latest
Most Popular
Bluetooth
Top Bluetooth chip security flaw could put a billion devices at risk worldwide
Michelle and Kid Cosmo watching a video projected onto a screen in Netflix's The Electric State movie
'We could not achieve that with puppetry or animatronics': Joe and Anthony Russo didn't want to build real-life robots for The Electric State for two big reasons
Workers at computers in an office
Cybersecurity workers aren't massively happy with their employers - but they are being paid pretty well
Nvidia logo on a dark background
Nvidia's GeForce graphics driver woes continue for some users, despite 572.75 hotfix's overclock and black screen promises
Garmin Fenix 8 AMOLED watch on wrist
Garmin owners were confused about 13.35 software update for Fenix 8, here's what actually happened
An AI face in profile against a digital background.
Worried about DeepSeek? Well, Google Gemini collects even more of your personal data
Samsung Galaxy A56 display
Samsung’s new budget handsets are getting One UI 7 before the Galaxy S24 Ultra, and I’m as confused as you are
iPad Pro 13-inch 2024 on a table
The OLED iPad Pro is reportedly less popular than expected – and that could mean these changes to Apple's OLED iPad plans
Chrome icon on Android
The US government still wants Google to sell off Chrome
Q Acoustics Q SUB80, QSUB100 and QSUB120 subwoofers
Q Acoustics wants to bring the bass to your post-Oscars movie catch-up