
Chances are you’ve heard something about the recent iPhone hacking. A lot of people are talking about it, but not many are taking the time to look into it seriously.

For those who do not know, not too long ago Google brought to our attention that hackers had managed to plant spyware on iPhone users’ devices over a period of two years. To do so, the hackers compromised a group of websites; when visited, those websites would install malware on the visiting device without the user knowing. While the iPhone was, for the most part, the only device affected, it is important to note that other devices were targeted as well.

Ian Beer of Project Zero (Google’s security research team, which investigates vulnerabilities and the attacks that use them) wrote the following about the incident in his blog post:

“Earlier this year Google’s Threat Analysis Group (TAG) discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day.

There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week.

TAG was able to collect five separate, complete and unique iPhone exploit chains, covering almost every version from iOS 10 through to the latest version of iOS 12. This indicated a group making a sustained effort to hack the users of iPhones in certain communities over a period of at least two years.

I’ll investigate what I assess to be the root causes of the vulnerabilities and discuss some insights we can gain into Apple’s software development lifecycle. The root causes I highlight here are not novel and are often overlooked: we’ll see cases of code which seems to have never worked, code that likely skipped QA or likely had little testing or review before being shipped to users.

Working with TAG, we discovered exploits for a total of fourteen vulnerabilities across the five exploit chains: seven for the iPhone’s web browser, five for the kernel and two separate sandbox escapes. Initial analysis indicated that at least one of the privilege escalation chains was still 0-day and unpatched at the time of discovery (CVE-2019-7287 & CVE-2019-7286).”

One of the most important things Beer notes in his post is that Android users are not anywhere near as safe as they may assume. While the iPhone has vulnerabilities, similar, and in some ways worse, ‘bugs’ can get into the Android operating system as well. No phone is hack proof, and that is not something we should forget. Apple is in many ways ahead of Android regarding cybersecurity, yet things like this can happen regardless of the operating system you’re using.

To learn more about this incident, please feel free to check out the video below. This specific hack allowed the attackers to access Apple customers’ data on a level that is quite concerning: they could see passwords, contacts, messages, and much more. As technology progresses, things like this are going to become harder and harder to combat, and that in itself is a reality we all have to face.