Until recently, websites hacked iPhones



[ad_1]

(Newser)

Visit a website and move – your iPhone is hacked. This nightmare vulnerability was affecting the iPhone until a Google team informed Apple in February, reports Verge. Google's Project Zero team discovered that hacked websites took advantage of security vulnerabilities to infiltrate any iPhone while surfing. "There was no target discrimination, it was enough to visit the site hacked for the operating server to attack your device and, if necessary, to install a monitoring implant," says the company. 39; Project Zero team from Google. "We estimate that these sites receive thousands of visitors a week."

This meant that hackers could install an implant accessing the keychain of the phone, which would allow them to retrieve credentials or certificates and steal content from email applications such as iMessage and WhatsApp. A simple restart removes the implant, but by that time, the implant had already accessed the authentication tokens in the keychain, allowing continued access even with the removed implant. Google has given Apple a very short deadline of one week to fix the flaw – much less than the usual 90 days – and Apple has put together a fix after six days with iOS 12.1.4, by TechCrunch. Apple has not commented on this. (Read more Apple stories).

[ad_2]

Source link