A new report from Vice today details findings by Google Project Zero researchers about what "may be one of the biggest attacks against iPhone users ever." The attacks were based on a series of hacked websites that distributed malicious software to iPhone users.
In a blog post, Project Zero's Ian Beer explained that there was no "target discrimination" when it came to this series of attacks. Users can be affected simply by visiting one of the hacked sites, which is said to receive thousands of views per week.
The Google Threat Analysis team has discovered a set of five separate and complete iPhone exploit chains affecting iOS 10 through all versions of iOS 12. "This shows a group that has been constantly working to hack iPhone users in certain communities for at least two years," Beer writes.
After a user visits one of the malicious websites and the malware is deployed, the implant "mainly focuses on file theft and live location uploading" as often as every 60 seconds. Because the endpoint device itself was compromised, services such as iMessage were also affected.
Working with TAG, we found exploits for a total of fourteen vulnerabilities in the five exploitation chains: seven for the iPhone web browser, five for the kernel, and two separate sandbox escapes. Initial analysis showed that at least one of the privilege escalation chains was still a 0-day and unpatched at the time of discovery.
Beer says that Project Zero reported the issues to Apple with a 7-day deadline on February 1, 2019, and they were fixed when iOS 12.1.4 was released on February 9, 2019.
This set of exploit chains is unique in that many attacks are more targeted in scope, but this one affects anyone who happens to visit one of the infected websites.
Targeting can simply mean being born in a particular geographical region or being part of a particular ethnic group. All consumers can do is be aware of the fact that mass exploitation still exists and behave accordingly, treating their mobile devices as an integral part of their modern lives, but also as devices that, when compromised, can upload any of their actions to a database to potentially be used against them.
The incredibly detailed analysis of the iOS exploit chains discovered in the wild can be read on Google's Project Zero blog. Here, Ian Beer covers more details about Apple's security fixes made in iOS 12.1.4, which include a fix for the FaceTime bug and for security issues detected by Project Zero's team.