For at least two years, hackers used compromised websites to install malware on iPhones that could gather and upload a user's photos, contacts, and other data, Google cybersecurity researcher Ian Beer explained in a blog post Thursday evening. "There was no target discrimination: Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, to install a monitoring implant." The exploits were discovered "in the wild," Beer said, meaning they were being used by real cybercriminals in the real world.
The hackers were able to attack "almost every version from iOS 10 through to the latest version of iOS 12," Beer said, though Apple patched the vulnerability in February after Beer and his associates at Google's Project Zero alerted the company to it. "This indicated a group making a sustained effort to hack the users of iPhones in certain communities over a period of at least two years." He did not speculate as to who was behind the attack or which groups it targeted, and he didn't name the hacked websites, saying only they were visited thousands of times a week. Apple told BBC News it did not wish to comment on Beer's post.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
-
Labubu: the 'creepy' dolls sparking brawls in the shopsIn the Spotlight Craze for the pint-sized soft toys has reached fever pitch among devotees
-
The top period dramas to stream nowThe Week Recommends Heaving bosoms and billowing shirts are standard fare in these historical TV classics
-
Women need more pain management during gynecological proceduresUnder the radar Pain should no longer be ignored
-
Crypto firm Coinbase hacked, faces SEC scrutinySpeed Read The Securities and Exchange Commission has also been investigating whether Coinbase misstated its user numbers in past disclosures
-
Starbucks baristas strike over dress codespeed read The new uniform 'puts the burden on baristas' to buy new clothes, said a Starbucks Workers United union delegate
-
Warren Buffet announces surprise retirementspeed read At the annual meeting of Berkshire Hathaway, the billionaire investor named Vice Chairman Greg Abel his replacement
-
Trump calls Amazon's Bezos over tariff displaySpeed Read The president was not happy with reports that Amazon would list the added cost from tariffs alongside product prices
-
Markets notch worst quarter in years as new tariffs loomSpeed Read The S&P 500 is on track for its worst month since 2022 as investors brace for Trump's tariffs
-
Tesla Cybertrucks recalled over dislodging panelsSpeed Read Almost every Cybertruck in the US has been recalled over a stainless steel panel that could fall off
-
Crafting emporium Joann is going out of businessSpeed Read The 82-year-old fabric and crafts store will be closing all 800 of its stores
-
Trump's China tariffs start after Canada, Mexico pausesSpeed Read The president paused his tariffs on America's closest neighbors after speaking to their leaders, but his import tax on Chinese goods has taken effect
