The team Project Zero Google has detected a mass piracy targeting the iPhone for at least two years.
Indeed, "Project Zero" is a Google team made up of cyber security researchers. According to their finding, many iPhone users were victims of hacking through multiple security holes for which the Cupertino company never released a fix. In addition, the attacks would have affected users from iOS 10 to iOS 12: " This was a group making a sustained effort to hack iPhone users into certain communities over a period of at least two years. "
The purpose of these attacks was to collect as much user data as possible: " Working with TAG, we discovered fourteen vulnerabilities across five domains: seven for the iPhone's web browser, five for the kernel, and two for the sandbox. The initial scan indicated that at least one of the elevation of privilege chains was still uncorrected at the time of discovery. "
The last patch to correct these flaws is the one released on February 9 by Apple, in other words, iOS 12.1.4. " Being targeted may simply mean being born in a certain geographic area or belonging to a certain ethnic group. All that users can do is be aware that mass exploitation always exists and behave accordingly; to treat their mobile devices both as part of their modern life, but also as devices that, once compromised, can upload each of their actions into a database for possible use against them. "
This case proves that Apple's mobile operating system is still far from foolproof. The company run by Tim Cook is usually quite responsive to fix security flaws however, nothing says iOS is totally secure. There could be other gaps still unknown today, allowing access to iPhone without the knowledge of its users. If so, let's hope Apple finds them before they are exploited by malicious people.