Malicious Websites Silently Target iPhones

Anticipated as one of the most significant attacks on Apple users. Google researchers have recently found multiple hacked websites that were spreading malicious attacks to infect and hack iPhones.

As per Google, these websites are believed to be operational from the year, were visited thousands of times by users. There is no targeted discrimination and a mere visit to the hacked website is enough to infect the device.

Ian Beer, from “Google Project Zero”, stated that these sites have close to a thousand + visitors per week.

Some of these attacks are also being termed as Zero-Day attacks as they take advantage of security loopholes and system vulnerabilities. Moreover, it is relatively hard to fix such Zero-Day assaults because of the vast disparity in the different types of system loopholes. Finding a fix for such a massive range of vulnerabilities is quite an impossible task

In comparison to Android devices, Apple hacks are relatively tricky and quite expensive, and a full exploit chain can cost up to $3 million. This included all possible system vulnerabilities including browser, OS, kernel, and other parts, to get away from an application sandbox, which is designed to run code inside the phone.

TAG (Google’s Threat Analysis Group) was able to get their hands over 5 different iPhone exploit chains, containing approximately 14 types of system vulnerabilities, wrote Beer. He also cited, that these exploits targeted various iOS versions, including iOS 10 and 12 latest versions.

A successful exploit makes it easy to leave the malware on the device. Beer, further stated that the implant primarily focuses on uploading live location details and stealing essential files. This implant can also access the user’s keychain, which generally contains private credentials. Furthermore, it can also access an encrypted messaging database of various apps like iMessage, WhatsApp, etc.

The good news here is that the implant is not persistent, which means you can easily remove it by rebooting your device. But unfortunately, even a single infection is enough to steal your sensitive information.

Beer further stated that, in light of the stolen information and authentication tokens, the attackers will still be able to access various accounts even if they lose control over the device post-reboot.

Unlike old attacks which were spread through text messages, infected links, phishing emails, this attack seems to be highly broad in scope.

According to Beer, the group is making a continuous effort to hack multiple iPhone devices over the last 2 years.