Google’s Project Zero team is regularly checking the vulnerabilities of and security issues on the Internet and Operating systems. Recently, the team reported the unpatched vulnerability in iOS 12.4 update to Apple and the company immediately patched the same. Today, Google’s Project Zero team member Ian Beer said that there are indiscriminately sustained attacks on the iPhone ecosystem going on from last year. The continuous attacks were carried out using malicious websites, and the same has installed the malware into the iPhone users that visited the site.
The malicious and booby-trapped websites that were targeting all of the iPhone users is being visited more than a thousand times a day. The site would use software or malware that could discreetly extract the images, videos, contacts, and other sensitive information from the iPhone users visiting the same. The sites were the clone copies of some of the popular websites. According to the technical posts written by Mr. Ian Beer, member of Project Zero team explained the modus operandi. Once the iPhone user visits the site, the site would automatically install the monitoring implant, which would keep tracking the device and extract the videos, images, and contacts of the users.
Mr. Ian Beer explained that the attacks were indiscriminate, meaning all of the visitors would get infected after visiting the site. The software used in the background exploits nearly 12 known vulnerabilities in the Apple Safari browser. Apple Safari is the default browser for Apple Ecosystem devices. The monitoring implant or the malware will send the extracted data every 60 seconds to the encrypted server. Not just the stored data, but the malware can extract the data from live apps, like Facebook, Instagram, and WhatsApp and send back to the encrypted server. When asked for comments, Apple did not share any statement on this revelation.
