Google researchers discovered thousands of iPhones have been compromised with sophisticated spyware over the last two years, contradicting assumptions about the rarity of such hacks.
Google's Project Zero team disclosed that a handful of websites had organized five exploit chains, connecting 14 security vulnerabilities that enable hackers to infiltrate each layer of iOS digital safeguards and ultimately commandeer the devices.
The team added that the sites were programmed to evaluate iPhones that loaded the spyware, and when possible, hijack them with monitoring malware; once installed, the spyware could track live location data, or poach photos, contacts, passwords, and other sensitive information from the iOS Keychain.
Reading or eavesdropping on communications sent through encrypted messaging services also was potentially possible.
Google said it notified Apple of its zero-day iOS vulnerabilities earlier this year, and they were patched in iOS 12.1.4.
View Full Article
Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA
No entries found