iPhones Infected Malware From Hacked Websites For Years, Says Google's Researchers

A team of security researchers working in Google’s Project Zero claimed that iPhone owners have accidentally made their phones subjected to malware after visiting hacked websites. For those who’re involved in such practices, your private data including photos, messages or location is vulnerable to infective malware.

A blog post published by Project Zero says Apple did patch the flaw a few months ago, after getting reports from the team. Along with the iOS 12.1.4 update, Apple also gave more details related to security on its support page.

Also in the post, once it successfully finds the way onto devices, it will surely install a monitoring implant inside them. Ian Beer, a Project Zero’s researcher, shed light on the findings:

“We estimate that these sites receive thousands of visitors per week.”

There were collectively five exploit chains in iPhones, comprising of devices running on either iOS 10 or iOS 12. Google’s researchers had found all of them, but they found no one behind them at all. In fact, Apple’s devices rarely get malware attacks as many believe that it’s likely secured. For example, the tech giant sometimes offers millions of dollars for contributions in discovering iPhones’ vulnerabilities.

When users’ iPhones are under those vulnerabilities, hackers can make use of them. For more details, the attackers can install a load of malicious apps, steal encrypted messages and photos, and get real-time location details as well. In case malware starts deep-level access, messages would be fetched before being encrypted.

In the meantime, users can’t perform any malware scan on their devices, so this apparently made the malware behind closed doors for so long.