Project Zero, Google's team of computer security researchers, has once again discovered 0-day vulnerabilities affecting the maker to the apple. Exploited by cybercriminals over a minimum period of two years and not corrected by Apple, these flaws would have impacted a very large number of users ofiPhone from iOS 10 to the latest version of the operating system.
Massive hacking of iPhone users
After revealing a security hole in the core of macOS last March, Google's cyber security experts reveal to us this time that massive piracy operation would have made many victims for a minimum period of thirty months, since the launch of iOS 10 in September 2016.We learn thata simple visit to a website was enough to infect an iPhone. Ian Beer from Project Zero spoke about this in a blog post: " The hackers were not targeting a particular target, a simple visit to one of the hacked sites was enough for the operating server to attack your device, and, if successful, install a monitoring program ".
Several unknown vulnerabilities of the services of Apple could thus be exploited by the attackers, they concern iOS but also its web browser Safari. This hacking would have allowed the malware to recover geolocation data, the passwords of the various applications installed, and even to have full access to encrypted e-mail such as Telegram and WhatsApp.
Still, the attack was not persistent, according to the Project Zero, that is if the user restarted his iPhone the malicious program was removed. But the experts explain that " attackers were able to maintain access to various accounts and services Using the information stolen during the infection, even though they no longer had access to the device.
A correction made in February
In total, researchers commissioned by Google have discovered 14 vulnerabilities and five chains of vulnerabilitiessince the launch of iOS 10. Apple has instantly corrected the problem after being informed by the team Project Zero in February 2019, via a patch provided by version 12.1.4.
Another bad news for Apple after a disappointing quarter and a drop in iPhone sales. The giant should however revive by unveiling its new iPhone September 10.
Source: Project Zero