Google discovered malware that targeted iPhone for two years

Google researchers have uncovered a malicious campaign that targeted the iPhone for at least two years. According to researchers, this campaign has stopped, though they warn that there may be other ways they have not yet identified.

The security team Project Zero, announced that it had discovered some malicious websites that could be used to infringe on Apple devices, using five different personalized exploits.

google project zero

Τα exploits χρησιμοποιούσαν 14 διαφορετικές ευπάθειες που κάλυπταν κάθε έκδοση από το iOS 10 μέχρι το iOS 12. Η Apple εξέδωσε μια με την αναβάθμιση του iOS 12.1.4 τον Φεβρουάριο, αφού οι ερευνητές της ομάδας Project Zero αποκάλυψε τις ευπάθειες και έδωσε στην εταιρεία μία εβδομάδα για να τα επιδιορθώσει.

The Project Zero team usually follows one strict disclosure period of 90 days, but in this case it only gave a week because of the severity of the vulnerabilities.

Google Project Zero team researcher Ian Beer reported:

A simple visit to the site was enough for one on your device and if the attack was successful, the device would get a malicious tracking app. We estimate that these websites had thousands of visitors per week.

14 vulnerabilities existed in Safari and the kernel, except for two separate cases of sandbox escapes, where malicious code could run beyond the boundaries of an application.

In short, the 5 exploits gave elevated “root” privileges to the attacker with full rights to install malicious and access device files sent every 60 seconds by a command and control server.

But it is more worryingly, the malware also uploaded the device's keychain, which is used to securely store data (eg passwords, Wi-Fi codes, and certificates) from well-known such as: WhatsApp, Telegram, Skype, Facebook, Viber, Gmail and Outlook.

Read more.

______________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.101 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).