iPhone Under Attack: Getting Hacked Just By Visiting Websites!

Must Read

Apple iPhone 12: Not For India And You Must Not Fall Prey To Apple’s Marketing Machine

The cat is out from the bag, finally! Apple iPhone 12 has launched in the most sophisticated...

Musk Slashes Tesla Car Price Twice in One Week, Served With A Side of His Wacko Humour

Time is witness that Elon Musk and eccentricities come along as a combo package.

Micromax is Back, Sets Eyes On Xiaomi’s Crown

A fallen pioneer, banished from its own motherland by collective foreign forces, has finally roused itself up!

Yes, you read it right, a website could hack iPhone.

In January this year, it was the very first time when Apple disclosed that active install base of iPhone has reached 900 million. With a global active installed base is expected to exceed 1 billion this year, Apple’s iPhones continue to be some of the most desired smartphones worldwide. Therefore, the reported incidents of a coordinated hacking campaign attacking iOS users, undoubtedly, come as unpleasant news to the tech magnate.

Apple iPhone, famous for their locked-down security, are under threat of being hacked by simply visiting a normal looking website. A report published recently in a disquieting blog post by Google’s Project Zero researcher Ian Beer states that an iPhone hacking campaign, discovered earlier this year, is targeting iPhone users through hacked websites. Simply visiting such websites once is enough for the exploit server to attack your iOS device.

Advertisements

iPhone Hacking: Watering Hole Attacks

Known as watering hole attacks, these exploits can compromise the security of end-users by infecting websites and using them as bait to load malware into the victim’s device. These malware or malvertisements infect devices visiting the website. This technique is one of the most used hacking techniques today and is used to conduct identity theft and steal sensitive information from unsuspecting victims.

This iPhone hack epidemic was brought to attention earlier this year by Project Zero’s cybersecurity researchers. It included at least five iPhone exploit chains with the ability to remotely jailbreak an iPhone and implant it with spyware by exploiting 14 different flaws in Apple’s iOS, including flaws in Safari Web Browser, iOS kernel and sandbox escape issues. According to researchers these can attack devices with the iOS 10 and succeeding mobile operating systems.

These attacks are programmed to steal photos, iMessages, and live GPS location data from devices and upload them to an external server every sixty seconds. Also, the implant can gain access to the device’s keychain data which contains authentication tokens, credentials and certificates accessed by the device.

Other popular end-to-end encryption apps on iOS platform like Whatsapp and Telegram are also vulnerable to these exploits.

What to Do?

Ian Beer warns users that while rebooting their iPhone can automatically wipe off the implant, albeit revisiting the hacked website would again reinstall it. Given that these websites receive thousands of visitors weekly, avoiding them may not be easy. Furthermore, attackers can use already stolen information to access various accounts and services even if the implant is wiped.

Advertisements

Beer also notes that the group behind the iPhone hacking could be targeting users of iPhones in certain communities for over two years.

Although no information about the hacked websites was released, Apple assures its users that the majority of these issues have been patched. iOS users are advised to update their devices to avoid such malicious hacking campaigns. Even though the tech behemoth is known for its not so smooth relationship with security researchers, Apple issued patches just a week later after Google disclosed the vulnerabilities being exploited by the hackers.

Apple recently made the news for providing security researchers with “hacking-friendly” iPhones with the goal of increasing their security even more by letting researchers hack their systems and using the data to make it more difficult for nefarious individuals and groups to attempt to do the same.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Reliance Jio Set To Blitz The 5G Smartphone Market With Jaw-Dropping Price

Cometh the revolution, cometh Reliance. This time the price of 5G smartphones under the radar of Reliance.

Micromax is Back, Sets Eyes On Xiaomi’s Crown

A fallen pioneer, banished from its own motherland by collective foreign forces, has finally roused itself up! Micromax has...

The Future of The Workplace And Retraining in 2020 And Beyond

The pandemic has upturned businesses, lives, and even the outlook of our future. It has caused millions to lose their jobs, and...

Musk Slashes Tesla Car Price Twice in One Week, Served With A Side of His Wacko Humour

Time is witness that Elon Musk and eccentricities come along as a combo package. Wednesday’s announcement was no different....

Youtube SEO for Business Is An Imperative Skill In The Era Of Internet

The Internet has taken the world by storm ever since its advent. It has revolutionized many processes and industries. The Internet has...

Huawei Plans To Divest Honor And Bid Adieu To Budget Smartphones

Looks like Huawei is trying to follow the same path ByteDance has followed to keep TikTok alive. Just like...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This