CyberNews Briefs

Malicious websites were used to secretly hack into iPhones for years, says Google

Threat actors may have hacked into thousands of iPhones via an “indiscriminate” attack involving a number of malicious websites, new research by Google shows. The websites were visited by thousands of users per week and according to Ian Beer of Google, “simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant.”

The campaign was active for at least two years and took advantage of 12 separate security flaws that could lead to device exploitation along five different attack chains, all of which enabled threat actors to obtain privileged access on targeted iPhones. Threat actors used this access to steal user data including password and to track user locations. Apple fixed the flaws earlier this year.

Read more: Malicious websites were used to secretly hack into iPhones for years, says Google

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.