iPhone Under Attack: Getting Hacked Just By Visiting Websites!

Must Read

Hands-Free Resources: How Businesses Are Using AR to Make Workplaces Safe and Productive

The role of efficiency and ease in the modern world has become forefronted when it comes to technology, particularly...

Top Countries by App Downloads Q2 2021: India Dominates With 7 Billion+ Downloads [REPORT]

As the adoption of smartphones and the Internet has increased over the last decade, so has the number of...

3 Most Common Mistakes Social Media Marketers Are Committing In 2016

In their quest for greater sales and increased ROI, the self-appointed “digital marketing guru” has lost touch with what...

Yes, you read it right, a website could hack iPhone.

In January this year, it was the very first time when Apple disclosed that active install base of iPhone has reached 900 million. With a global active installed base is expected to exceed 1 billion this year, Apple’s iPhones continue to be some of the most desired smartphones worldwide. Therefore, the reported incidents of a coordinated hacking campaign attacking iOS users, undoubtedly, come as unpleasant news to the tech magnate.

Apple iPhone, famous for their locked-down security, are under threat of being hacked by simply visiting a normal looking website. A report published recently in a disquieting blog post by Google’s Project Zero researcher Ian Beer states that an iPhone hacking campaign, discovered earlier this year, is targeting iPhone users through hacked websites. Simply visiting such websites once is enough for the exploit server to attack your iOS device.

Advertisements

iPhone Hacking: Watering Hole Attacks

Known as watering hole attacks, these exploits can compromise the security of end-users by infecting websites and using them as bait to load malware into the victim’s device. These malware or malvertisements infect devices visiting the website. This technique is one of the most used hacking techniques today and is used to conduct identity theft and steal sensitive information from unsuspecting victims.

This iPhone hack epidemic was brought to attention earlier this year by Project Zero’s cybersecurity researchers. It included at least five iPhone exploit chains with the ability to remotely jailbreak an iPhone and implant it with spyware by exploiting 14 different flaws in Apple’s iOS, including flaws in Safari Web Browser, iOS kernel and sandbox escape issues. According to researchers these can attack devices with the iOS 10 and succeeding mobile operating systems.

These attacks are programmed to steal photos, iMessages, and live GPS location data from devices and upload them to an external server every sixty seconds. Also, the implant can gain access to the device’s keychain data which contains authentication tokens, credentials and certificates accessed by the device.

Other popular end-to-end encryption apps on iOS platform like Whatsapp and Telegram are also vulnerable to these exploits.

What to Do?

Ian Beer warns users that while rebooting their iPhone can automatically wipe off the implant, albeit revisiting the hacked website would again reinstall it. Given that these websites receive thousands of visitors weekly, avoiding them may not be easy. Furthermore, attackers can use already stolen information to access various accounts and services even if the implant is wiped.

Advertisements

Beer also notes that the group behind the iPhone hacking could be targeting users of iPhones in certain communities for over two years.

Although no information about the hacked websites was released, Apple assures its users that the majority of these issues have been patched. iOS users are advised to update their devices to avoid such malicious hacking campaigns. Even though the tech behemoth is known for its not so smooth relationship with security researchers, Apple issued patches just a week later after Google disclosed the vulnerabilities being exploited by the hackers.

Apple recently made the news for providing security researchers with “hacking-friendly” iPhones with the goal of increasing their security even more by letting researchers hack their systems and using the data to make it more difficult for nefarious individuals and groups to attempt to do the same.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Zomato To Give Booster Shot To Grofers Now: Eyes On A Big Chunk Of Grocery Delivery Market

After the historic performance with IPO, Zomato is now gearing up for another milestone - to grab a sizeable...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded and unparalleled...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter, with a...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one of the...

More Articles Like This