In their most extensive and very detailed report, the Google researchers describe one of the largest attacks ever carried out against the occupiers iPhone.
Εfor many years, one of her biggest arguments Apple, for the supremacy of iPhone is the security offered by the operating system iOS to the user and protection against malware attacks. Sure, in these 10+ years of iPhone existence, security incidents have been recorded, but in no case do they come close to the number of those who "rob" the Android OS. At least that is what we believed until today and specifically until the team's research is published Google Project Zero.
In their most extensive and detailed report, Google researchers describe one of the largest attacks ever carried out on iPhone owners through some hacked websites that distribute malware to users. An iPhone could very easily be infected by malware as long as its owner visits one of these websites, with the latter receiving thousands of hits each week.
The problem was found in 5 separate security vulnerabilities in iPhones running iOS 10 up to all versions of iOS 12.
This malware could steal personal data such as photos, real-time location, passwords, text messages from services such as WhatsApp, iMessage, Telegram, etc. The good news is that the malware is deleted if the iPhone is reset to factory settings.
According to Ian Beer,
In collaboration with Google's TAG (Threat Analysis Group), we discovered a total of 14 vulnerabilities: seven in the iPhone web browser, five in the iOS kernel and two in separate sandbox escapes. At the time of our initial analysis, at least one of these gaps remained unrepaired by Apple.
It should be noted that the Google Project Zero team informed Apple on February 1, 2019 about its findings, with Apple "closing the holes" with the version iOS 12.1.4 released on February 7, 2019.
This chain of security vulnerabilities is unique because the attacks were clearly targeted at specific areas, but if for any reason a user visited one of the hacked websites, then the ball would "take" him.
If you have the appetite and time, you can take a look at the full analysis of the Project Zero team. What we hold, however, is that even Apple can not guarantee absolute safety and in fact had not realized the existence of such serious gaps for more than 2 years.
[the_ad_group id = ”966 ″]