jehurey 3,238 Posted August 30, 2019 Share Posted August 30, 2019 Speaking of more bad iPhone news. Looks like iPhone was the most vulnerable mobile device for malware for years. Y-E-A-R-S and nobody fucking knew it. Quote Malicious websites were used to secretly hack into iPhones for years, says Google Zack Whittaker@zackwhittaker / 9:33 pm CDT • August 29, 2019 Security researchers at Google say they’ve found a number of malicious websites which, when visited, could quietly hack into a victim’s iPhone by exploiting a set of previously undisclosed software flaws. Google’s Project Zero said in a deep-dive blog post published late on Thursday that the websites were visited thousands of times per week by unsuspecting victims, in what they described as an “indiscriminate” attack. “Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant,” said Ian Beer, a security researcher at Project Zero. He said the websites had been hacking iPhones over a “period of at least two years.” The researchers found five distinct exploit chains involving 12 separate security flaws, including seven involving Safari, the in-built web browser on iPhones. The five separate attack chains allowed an attacker to gain “root” access to the device — the highest level of access and privilege on an iPhone. In doing so, an attacker could gain access to the device’s full range of features normally off-limits to the user. That means an attacker could quietly install malicious apps to spy on an iPhone owner without their knowledge or consent. Google said based off their analysis, the vulnerabilities were used to steal a user’s photos and messages as well as track their location in near-realtime. The “implant” could also access the user’s on-device bank of saved passwords. The vulnerabilities affect iOS 10 through to the current iOS 12 software version. Google privately disclosed the vulnerabilities in February, giving Apple only a week to fix the flaws and roll out updates to its users. That’s a fraction of the 90 days typically given to software developers, giving an indication of the severity of the vulnerabilities. What an absolute shit-show. And also, how gracious of Google to actually be kind enough to care and notify Apple about this, when they have nothing to gain from telling them. Also, this part is funny: Quote Recently the company increased its maximum bug bounty payout to $1 million for security researchers who find flaws that can silently target an iPhone and gain root-level privileges without any user interaction. Under Apple’s new bounty rules — set to go into effect later this year — Google would’ve been eligible for several million dollars in bounties. Quote Link to post Share on other sites
Goukosan 2,257 Posted August 30, 2019 Share Posted August 30, 2019 10 hours ago, jehurey said: Speaking of more bad iPhone news. Looks like iPhone was the most vulnerable mobile device for malware for years. Y-E-A-R-S and nobody fucking knew it. What an absolute shit-show. And also, how gracious of Google to actually be kind enough to care and notify Apple about this, when they have nothing to gain from telling them. Also, this part is funny: Quote Link to post Share on other sites
lynux3 2,104 Posted August 30, 2019 Share Posted August 30, 2019 Quote Link to post Share on other sites
jehurey 3,238 Posted September 16, 2019 Share Posted September 16, 2019 Wait a minute. Apple has completely removed and abandoned 3dTouch from their new iPhones???????????? Quote Link to post Share on other sites
kaz 2,439 Posted September 16, 2019 Share Posted September 16, 2019 On 2019-08-30 at 6:25 PM, lynux3 said: Quote Link to post Share on other sites
-GD-X★ 7,749 Posted September 16, 2019 Share Posted September 16, 2019 wait, the touch is gone from the current iphone? (still rocking the 7+) Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.