iOS vulnerability: Hackers have been able to spy on iPhone users for years
from Lars Matt 
on August 31, 2019, 18:30 am | 🔥 popular | Write a comment
Google's security team Project Zero has uncovered what is arguably the worst iOS vulnerability in years. This enabled hackers to spy on users for years via malicious code smuggled into websites.
For years, strangers could simply read iPhone chats from users, like Wired currently reported. We had a similar case already in May, where private chats from iPhone users could be read through a WhatsApp gap. But that's not all: real-time location tracking of the iPhone and retrieval of files, photos, contacts and passwords in the "keychain". proeasily possible. By accessing the message databases of various messengers, chats in iMessage, WhatsApp and Telegram could be read. The gap existed in several "levels" of the iOS software - therefore to be classified as quite critical.
Jump to section
iOS security mechanisms simply bypassed - infected by surfing the Internet
In every modern operating system we find so-called "sandboxes", which allow content in the browser, apps and other applications to run in a separate area. This means that harmful content cannot “break out” of this area and damage other things in the operating system. But there was a loophole here, which enabled profound access to the Apple operating system. You could become infected by simply visiting an infected website on the Internet. After restarting the iPhone, however, the ghost was over again - then you had to call up the page again to be infected again with the monitoring software.
It is not known exactly which websites were affected and on which this malicious code was smuggled.
iOS vulnerability: These iPhone users are exactly affected
The Google Security team reported the vulnerability to Apple on February 1, 2019 with a 7-day deadline. On February 7th, Apple responded directly and released an update to iOS 12.1.4. Nevertheless, looking back a few years ago, hackers were able to access users' data - the vulnerability has existed since the first version of iOS 10. It was released on September 13, 2016. It cannot be found out whether you were attacked or spied on.
In short: if you use a newer iOS version than iOS 12.1.4, you are no longer vulnerable.
The gap existed from September 13, 2016 to at least February 7, 2019. (Image: Google/Proproject zero)
This is how Google tracked down the hackers - is there a state behind it?
Security researchers currently assume that the attacker is a state. So they probably bought security gaps and tried to spy on users on a large scale. This suspicion is corroborated if one takes a closer look at the code of the attack. There you will find some errors in the camouflage for the transmission of the tapped data. For example, the IP address of the server to which the data was sent was obviously anchored in the code. In addition, all data was sent unencrypted to this server. On the other hand, the attacker could not have cared who was reading and who did it.
It is not clear which IP address that was and in which region the server was located. The security team has not provided any information about this. It is possible that this information will be submitted at a later point in time after Apple has also commented on it.
More information about the iOS security vulnerability
Find interested people in the security blog from Google further information on the gap, which would be too complicated to explain in this article. The exact procedure and further details are also described there. Apple has not yet commented on the iOS security vulnerability.
