Daily Sabah logo

Politics
Diplomacy Legislation War On Terror EU Affairs Elections News Analysis
TÜRKİYE
Istanbul Education Investigations Minorities Expat Corner Diaspora
World
Mid-East Europe Americas Asia Pacific Africa Syrian Crisis Islamophobia
Business
Automotive Economy Energy Finance Tourism Tech Defense Transportation News Analysis
Lifestyle
Health Environment Travel Food Fashion Science Religion History Feature Expat Corner
Arts
Cinema Music Events Portrait Reviews Performing Arts
Sports
Football Basketball Motorsports Tennis
Opinion
Columns Op-Ed Reader's Corner Editorial
PHOTO GALLERY
JOBS ABOUT US RSS PRIVACY CONTACT US
© Turkuvaz Haberleşme ve Yayıncılık 2023

Daily Sabah logo

عربي
  • Politics
    • Diplomacy
    • Legislation
    • War On Terror
    • EU Affairs
    • Elections
    • News Analysis
  • TÜRKİYE
    • Istanbul
    • Education
    • Investigations
    • Minorities
    • Expat Corner
    • Diaspora
  • World
    • Mid-East
    • Europe
    • Americas
    • Asia Pacific
    • Africa
    • Syrian Crisis
    • Islamophobia
  • Business
    • Automotive
    • Economy
    • Energy
    • Finance
    • Tourism
    • Tech
    • Defense
    • Transportation
    • News Analysis
  • Lifestyle
    • Health
    • Environment
    • Travel
    • Food
    • Fashion
    • Science
    • Religion
    • History
    • Feature
    • Expat Corner
  • Arts
    • Cinema
    • Music
    • Events
    • Portrait
    • Reviews
    • Performing Arts
  • Sports
    • Football
    • Basketball
    • Motorsports
    • Tennis
  • Gallery
  • Opinion
    • Columns
    • Op-Ed
    • Reader's Corner
    • Editorial
  • TV

Google researchers say iPhones have been silently hacked for years

by Associated Press

SAN FRANCISCO Aug 30, 2019 - 11:17 pm GMT+3
This Sept. 12, 2018, file photo shows an Apple iPhone XR on display at the Steve Jobs Theater after an event to announce new products, in Cupertino, Calif. (AP Photo)
This Sept. 12, 2018, file photo shows an Apple iPhone XR on display at the Steve Jobs Theater after an event to announce new products, in Cupertino, Calif. (AP Photo)
by Associated Press Aug 30, 2019 11:17 pm

Suspected nation-state hackers used malware-laden websites to infect iPhones with spyware in what security researchers are calling the worst general security failure yet affecting the Apple devices.

Announced late Thursday by Google researchers, the vulnerabilities were quietly fixed by Apple in February but only after thousands of iPhone users were believed exposed over more than two years.

The researchers did not say who was behind the cyberespionage or what population was targeted but experts said the operation had the hallmarks of a nation-state effort.

Sensitive data accessed by the spyware included WhatsApp, iMessage and Telegram text messages, photos, contacts and real-time location — essentially all the databases on the victim's phone. While the messaging applications may encrypt data in transit, it is readable at rest on iPhones.

"This is definitely the most serious iPhone hacking incident that's ever been brought to public attention, both because of the indiscriminate targeting and the amount of data compromised by the implant," said former U.S. government hacker Jake Williams, the president of Rendition Security.

Google researcher Ian Beer said in a blog posted late Thursday that the discovery should dispel any notion that it costs a million dollars to successfully hack an iPhone. That's a reference to the case of a United Arab Emirates dissident whose iPhone was infected in 2016 with so-called zero-day exploits, which have been known to fetch such high prices.

"Zero day" refers to the fact that such exploits are unknown to the developers of the affected software, and thus they have had no time to develop patches to fix it.

The discovery was made by Google researchers at Project Zero, which hunts security vulnerabilities in software and microprocessor firmware, independent of their manufacturer, that criminals, state-sponsored hackers and intelligence agencies use.

"This should serve as a wake-up call to folks," said Will Strafach, a mobile security expert with Sudo Security. "Anyone on any platform could potentially get infected with malware."

Beer said his team estimated that the infected websites used in the "indiscriminate watering hole attacks" receive thousands of visitors per week. He said the team collected five separate chains of exploits covering Apple's iOS system as far back as version 10, released in 2016.

Apple did not immediately respond to a request for comment on why it did not detect the vulnerabilities on its own and if it can assure users that such a general attack could not happen again. Privacy assurance is central to the Apple brand.

Neither Google nor Beer responded immediately to questions about the attackers or the targets, though Beer provided a hint in his blog post: "To be targeted might mean simply being born in a certain geographic region or being part of a certain ethnic group."

Williams, of Rendition Security, said the spyware implant wasn't written to transmit stolen data securely, suggesting an authoritarian state was behind it. He speculated that it was likely used to target political dissidents.

  • shortlink copied
  • RELATED TOPICS
    fight-against-terrorism DEUTSCHE-BANK US-LIBYA-RELATIONS
    KEYWORDS
    homepage
    The Daily Sabah Newsletter
    Keep up to date with what’s happening in Turkey, it’s region and the world.
    You can unsubscribe at any time. By signing up you are agreeing to our Terms of Use and Privacy Policy. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
    No Image
    Dereşuri horses: Historical Turkish breed finds new life in Iran
    PHOTOGALLERY
    • POLITICS
    • Diplomacy
    • Legislation
    • War On Terror
    • EU Affairs
    • News Analysis
    • TÜRKİYE
    • Istanbul
    • Education
    • Investigations
    • Minorities
    • Diaspora
    • World
    • Mid-East
    • Europe
    • Americas
    • Asia Pacific
    • Africa
    • Syrian Crisis
    • İslamophobia
    • Business
    • Automotive
    • Economy
    • Energy
    • Finance
    • Tourism
    • Tech
    • Defense
    • Transportation
    • News Analysis
    • Lifestyle
    • Health
    • Environment
    • Travel
    • Food
    • Fashion
    • Science
    • Religion
    • History
    • Feature
    • Expat Corner
    • Arts
    • Cinema
    • Music
    • Events
    • Portrait
    • Performing Arts
    • Reviews
    • Sports
    • Football
    • Basketball
    • Motorsports
    • Tennis
    • Opinion
    • Columns
    • Op-Ed
    • Reader's Corner
    • Editorial
    • Photo gallery
    • Jobs
    • privacy
    • about us
    • contact us
    • RSS
    © Turkuvaz Haberleşme ve Yayıncılık 2021