We use cookies on our websites. Information about cookies and how you can object to the use of cookies at any time or end their use can be found in our privacy policy.

Websites have been smuggling malware onto your iPhone for years

Websites have been smuggling malware onto your iPhone for years

For years, malware was being smuggled onto iPhones via manipulated websites. This allowed attackers to read messages, contacts, photos, passwords and the like. This remained undetected across several iOS versions.

This series of attacks was discovered by Google's Project Zero security team. Apple was informed in February and closed the last existing loopholes. According to Ian Beer of Project Zero, almost all iOS iterations between version 10 and 12, including subversions, were affected.

AndroidPIT ios vs android 0128
The attacks affected iOS 10 to iOS 12 / © AndroidPIT by Irina Efremova

According to Beer, there was no specific target for these attacks by strangers. Users were infected simply by accessing the affected websites from an iPhone. They then started the exploit and install an implant on the devices. Google has not published which pages these were. However, they are said to have had several thousand visitors per week and targeted members of certain communities.

In many cases, so-called zero-day exploits are said to have been used, for which there is no patch yet. Even when Google discovered these attacks, it is said that such a vulnerability was still in iOS. Apple has now closed the door to this.

Attackers were able to find out your location

According to Beer, the software installed on the iPhones could pick up all kinds of information. This included messages from encrypted chats such as iMessage or WhatsApp. The attackers were also able to copy the contact database and all the photos on the device, as well as the data from other apps and the passwords stored in Apple's keychain. In addition, the GPS coordinates of the affected device could be queried in real time.

So a lot of information could be picked up with just one installation. These were transferred unencrypted to a server. However, Beer also notes that the malware did not survive a restart of the device. Such attacks are relatively unknown in the iOS space. Exploits for iOS are relatively rare and are therefore sold for a lot of money - sometimes in the millions - and are usually used in very targeted ways.

Apple reveals new iPhones on September 10

Meanwhile, various media have received invitations to the next Apple event. The manufacturer will actually show the new iPhones on September 10. There's probably going to be a new camera. There is also a rumor about a new naming scheme, which could also include an iPhone Pro.

Recommended articles

4 comments

Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing