iPhone Under Attack: Getting Hacked Just By Visiting Websites!

Must Read

APAC Employees Desperate to Return to the Office [STUDY]

As researchers continue to take full advantage of the impromptu remote work experiment COVID-19 facilitated earlier this...

After Jio Platforms, Now JioFiber To Raise Billions In Investment!

if you are thinking that Mukesh Ambani is done with the investments in Jio Platforms after making...

BlackRock: The New Android Malware that Targets More Apps Than Ever Before

A new Android malware has become a nightmare for over 2.5 billion Android smartphone users worldwide. The...

Yes, you read it right, a website could hack iPhone.

In January this year, it was the very first time when Apple disclosed that active install base of iPhone has reached 900 million. With a global active installed base is expected to exceed 1 billion this year, Apple’s iPhones continue to be some of the most desired smartphones worldwide. Therefore, the reported incidents of a coordinated hacking campaign attacking iOS users, undoubtedly, come as unpleasant news to the tech magnate.

Apple iPhone, famous for their locked-down security, are under threat of being hacked by simply visiting a normal looking website. A report published recently in a disquieting blog post by Google’s Project Zero researcher Ian Beer states that an iPhone hacking campaign, discovered earlier this year, is targeting iPhone users through hacked websites. Simply visiting such websites once is enough for the exploit server to attack your iOS device.

Advertisements

iPhone Hacking: Watering Hole Attacks

Known as watering hole attacks, these exploits can compromise the security of end-users by infecting websites and using them as bait to load malware into the victim’s device. These malware or malvertisements infect devices visiting the website. This technique is one of the most used hacking techniques today and is used to conduct identity theft and steal sensitive information from unsuspecting victims.

This iPhone hack epidemic was brought to attention earlier this year by Project Zero’s cybersecurity researchers. It included at least five iPhone exploit chains with the ability to remotely jailbreak an iPhone and implant it with spyware by exploiting 14 different flaws in Apple’s iOS, including flaws in Safari Web Browser, iOS kernel and sandbox escape issues. According to researchers these can attack devices with the iOS 10 and succeeding mobile operating systems.

These attacks are programmed to steal photos, iMessages, and live GPS location data from devices and upload them to an external server every sixty seconds. Also, the implant can gain access to the device’s keychain data which contains authentication tokens, credentials and certificates accessed by the device.

Other popular end-to-end encryption apps on iOS platform like Whatsapp and Telegram are also vulnerable to these exploits.

What to Do?

Ian Beer warns users that while rebooting their iPhone can automatically wipe off the implant, albeit revisiting the hacked website would again reinstall it. Given that these websites receive thousands of visitors weekly, avoiding them may not be easy. Furthermore, attackers can use already stolen information to access various accounts and services even if the implant is wiped.

Advertisements

Beer also notes that the group behind the iPhone hacking could be targeting users of iPhones in certain communities for over two years.

Although no information about the hacked websites was released, Apple assures its users that the majority of these issues have been patched. iOS users are advised to update their devices to avoid such malicious hacking campaigns. Even though the tech behemoth is known for its not so smooth relationship with security researchers, Apple issued patches just a week later after Google disclosed the vulnerabilities being exploited by the hackers.

Apple recently made the news for providing security researchers with “hacking-friendly” iPhones with the goal of increasing their security even more by letting researchers hack their systems and using the data to make it more difficult for nefarious individuals and groups to attempt to do the same.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Microsoft Confirms That Buying TikTok Is On The Cards!

Putting an end to all speculations Microsoft has confirmed that the company is actively exploring options to...

Happy Birthday Charlie Cheever: Quora Is A Real Disruptor of Q&A Forum

If you ever asked any question on the internet, Charlie Cheever needs introduction to you. Old wine in a...

Facebook Launches Music Videos to Eat into YouTube’s Market

With the launch of Music Videos, Facebook has made another competitive move against its biggest opponent, Google. In a...

Facebook Reveals Big Plans Behind The WhatsApp JioMart Integration In India

After Facebook Inc. (NASDAQ:FB) acquired a minority stake of 9.99% in Jio Platforms for a whopping $5.7 billion in April, it was revealed that...

Microsoft To Acquire TikTok In the US?

The rumours are making rounds that Microsoft may acquire TikTok to keep the popular short video sharing app operational in the US.

Google Wanted To Acquire Facebook But The Objective Was Quite Concerning!

Can you imagine how powerful Google would have been today if it had access to monstrous amount of data that Facebook owns...

In-Depth: Dprime

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

Fantastic 4: Four Day Work Week A Flashpoint Of Innovation?

It has been an idea that has been mooted by many, perhaps also somewhat sceptically. From being a dark horse to becoming...

More Articles Like This