Google warns of malicious websites targeting iPhone phones for years

Researchers at the Google Security Initiative (Project Zero) have uncovered a number of serious vulnerabilities in iPhone phones that allow websites to hack into the devices of users who have visited them randomly, in one of the most major attacks never perpetrated against iPhone users. The researchers pointed out that malicious websites can secretly visit the victim's phone by exploiting a set of software defects that had not been revealed before.

The problem comes from a series of hacked sites, which randomly distributed malware to iPhone users.

Google has discovered a set of five operating chains for iPhone, including 14 separate security vulnerabilities, split between the Safari browser, the kernel and the protection zone.

The devices involved range from (iPhone 5) to (iPhone X), and security issues affect all operating systems from (iOS 10) to (iOS 12).

If you visit the hacked site, the malware will be reinstalled and, although these programs will be removed from the infected iPhone during the reboot, attackers will be able to maintain permanent access to various accounts and services even after losing the # 39; access to the device.

These programs focus mainly on the theft of photos, messages and user files, tracking their location in real time every 60 seconds and access to saved passwords on the phone. apparatus.

On February 1, Google reported the problem to Apple, giving it seven days to fix the vulnerabilities, instead of the 90 days normally given to developers to fix security vulnerabilities, indicating the severity of the vulnerabilities.

Apple later released a fix with iOS 12.1.4 released Feb. 7, revealing Google's results in an accompanying support document, and updating it to fix the flaws in the foundation, as well as to the company. IOKit discovered by the Google team. Security, which were used to hack devices.