Google Fixes iPhone Security Error and Bug | Let Websites Hack Away for Year
US web giant Google security researchers have found that ‘hacking efforts’ have been pursuing iPhone hacking for at least the past two years. The BBC reported that the attack was being carried out using a website that could install harmful software capable of holding contact information, pictures and other data together.
These ‘booby-trap walla’ websites are visited thousands of times a week, according to a Google analysis. On the other hand, the iPhone maker has told Apple Media that they have ‘no desire to comment’ on the news.
Google has a task force called Project Zero to find new security risks. In a series of articles written by British cyber security researcher Ian Beer, one of the members of the project details the attack. “Just website visits were enough to attack your device, and if it was successful, a monitoring software would be installed,” said Beer and his team.
Most of this is reported to be Apple’s default web browser Safari error. Beer added that a lot of contacts, pictures and GPS location information have been taken from a person’s iPhone using this error. Every 50 seconds, data is being sent to an external server, which handles data from apps like Instagram, WhatsApp and Telegram. Data was also taken from Google’s Gmail and Hangouts apps. “Hackers have taken advantage of this error in all versions, from iOS 10 to iOS 12,” Beer said.
Beer included that a large number of the contacts, pictures, and GPS area data were recovered from this iPhone for one individual. Information is sent to an outer server at regular intervals with information prepared by applications, for example, Instagram, WhatsApp, and Telegram. The information likewise originates from the Gmail and Hangout applications.
“Programmers abused this bug in all forms of iOS 7 through iOS 12,” Beer said. The client was likewise prescribed to introduce another update.
The Google security group revealed Apple the blunder on February 8. After six days, Apple discharged a security fix for iOS to fix the bug.