"A simple visit to one of the hacked sites was enough for the operating server to attack your device, and, if successful, install a monitoring program," said Ian Beer, Project Zero.
Once installed, the malicious software "will first steal the files and download the geolocation data," he added, adding that he was also able to access encrypted messages shared via applications such as Telegram, WhatsApp and iMessage.
Google's instant messaging, Google hangouts, and Gmail were also affected, said Ian Beer in this publication, which provides details on how the malware has targeted and exploited the vulnerabilities of the iPhone.
Most of these flaws are in the default Safari web browser, according to Beer, who says the Zero Project team has discovered them in almost every operating system, from iOS 10, to the current version iOS12.
Once embedded in the iPhone, the malware transmitted captured data, including live geolocation, transmitted every minute.
According to Ian Beer, Google informed Apple of these attacks in February, after which the giant Apple has issued a security patch for iOS 12.1.
The iPhone, which has long been Apple's cash cow, saw its turnover drop by 12% in the last quarter compared to last year, and now accounts for less than half of the group's revenues. .
Apple is expected to present September 10 its new range of iPhone.