Hackers have been 'harvesting iPhone photos and contacts for years,' says Google
Google researchers say security flaws were found in web browser Safari, affecting phones which had visited compromised sites.
Friday 30 August 2019 16:40, UK
Hackers have been using malicious software to harvest photos and contacts from iPhones for years, researchers at Google have claimed, potentially affecting millions of people.
The monitoring - which gathers images and other information from iPhones which have visited compromised websites - is said to have affected devices running operating systems from iOS 10, released in 2016, to iOS 12.
Apps including Instagram, WhatsApp and Gmail would have been vulnerable to being accessed, potentially exposing personal data, on handsets hit by the so-called "monitoring implants".
Project Zero, a team of security researchers at Google, said most of the security flaws were found within Safari, the default web browser on Apple devices, with the hacked sites having received thousands of visitors a week.
In a blog post, Project Zero expert Ian Beer said: "There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, to install a monitoring implant."
Although the implant is not saved on the device itself, it is capable of providing hackers with access whenever the owner visits a compromised website, Mr Beer said.
But while they would only have had access to the phone during those visits, hackers may have ended up with persistent access to other accounts and services by using stolen authentication tokens from the keychain - where the iPhone stores passwords and other login information.
Google, which has previously exposed a number of flaws within the iPhone app iMessage, said it reported the issues to Apple on 1 February, prompting Apple to release a software update six days later.
Apple told Sky News it did not want to comment specifically on Google's claim.
However, the tech firm advised iPhone users to keep software up to date, describing it as "one of the most important things you can do to maintain your Apple product's security".
The findings from Project Zero were made public on the day Apple unveiled a date for what is widely expected to be the announcement of its next iPhone range.
Journalists and tech bloggers have been invited to an event at the Steve Jobs Theatre in California on 10 September, where new "pro" models of the iPhone have been tipped to be revealed.
Apple may also dedicate a chunk of time at the presentation to its commitment to privacy, having said this week that it will now allow users to opt out of having their interactions with Siri recorded.
The move followed claims regarding the use of human contractors to listen to audio samples, with one former worker saying they "regularly" overheard confidential encounters, including drug deals and people having sex.