In an article published Thursday on the Google Project Zero blog (New window), experts believe that websites that have been hacked to host these attacks receive several thousand visits per week. It was not clear which sites had been affected.
A simple visit to one of the hacked sites was enough for the operating server to attack your device, and, if successful, install a monitoring programsaid Ian Beer of Project Zero.
Once installed, the malware
starts by stealing the files and uploading the geolocation dataHe added that he had also been able to access encrypted messages shared via applications such as Telegram, WhatsApp and iMessage.
Google's instant messaging, Google Hangouts, and Gmail were also affected, said Ian Beer in this publication, which also provides details on how the malware has targeted and exploited the vulnerabilities of the iPhone.
The flaws present in several versions of iOS
Most of these flaws are in the default Safari web browser, according to Beer, who says the Zero Project team has discovered them in almost every operating system, from iOS 10, to the current version iOS12.
Once embedded in the iPhone, the malware transmitted captured data, including live geolocation, transmitted every minute.
According to Ian Beer, Google informed Apple of these attacks in February, after which the giant Apple has created a security patch for iOS 12.1.
The iPhone, which has long been Apple's cash cow, saw its turnover fall by 12% in the last quarter compared to last year, and now accounts for less than half of the group's revenues .
Apple is expected to present September 10 its new range of iPhone.