Sign In

Communications of the ACM

ACM TechNews

Mysterious iOS Attack Changes Everything We Know About iPhone Hacking


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
An iPhone user.

A newly revealed attack hit thousands of iPhones with sophisticated spyware, upending long-held assumptions about the nature of iOS hacks.

Credit: Johannes Eisele/Getty Images

Google researchers discovered thousands of iPhones have been compromised with sophisticated spyware over the last two years, contradicting assumptions about the rarity of such hacks.

Google's Project Zero team disclosed that a handful of websites had organized five exploit chains, connecting 14 security vulnerabilities that enable hackers to infiltrate each layer of iOS digital safeguards and ultimately commandeer the devices.

The team added that the sites were programmed to evaluate iPhones that loaded the spyware, and when possible, hijack them with monitoring malware; once installed, the spyware could track live location data, or poach photos, contacts, passwords, and other sensitive information from the iOS Keychain.

Reading or eavesdropping on communications sent through encrypted messaging services also was potentially possible.

Google said it notified Apple of its zero-day iOS vulnerabilities earlier this year, and they were patched in iOS 12.1.4.

From Wired
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 

No entries found