Wednesday, August 5, 2020
Home Lead Story iPhone Bug also Accessed WhatsApp, Telegram Chats, Identify Google Researchers

iPhone Bug also Accessed WhatsApp, Telegram Chats, Identify Google Researchers

“We estimate that these sites receive thousands of visitors per week,” said the Google blog post

Google researchers have identified a vulnerability that accessed all the database files on the victim’s iPhone used by end-to-end encryption apps like WhatsApp, Telegram and iMessage.

In one of the biggest attacks against iPhone users, researchers working in Google’s Project Zero team earlier discovered several hacked websites that used security flaws in iPhones to attack users who visited these websites.

The malicious websites may have compromised personal files, messages, and real time location data of iPhone users. After they reported their findings to Apple, the Cupertino-based tech giant patched the vulnerabilities.

Later, they also revealed that the users’ chats in WhatsApp and Telegram were also compromised.

“In the earlier posts, we examined how the attackers gained ‘unsandboxed’ code execution as root on iPhones.”

“The implant has access to all the database files (on the victim’s phone) used by popular end-to-end encryption apps like WhatsApp, Telegram and iMessage,” said Ian Beer from Google’s Project Zero.

The implant was primarily focused on stealing files and uploading live location data.

whatsapp, paytm, UPI-based Pay service
FILE – The WhatsApp app logo is seen on a smartphone in this picture illustration. VOA

“The implant can upload private files used by all apps on the device,” said the researchers.

The researchers were able to collect five separate, complete and unique iPhone exploit chains, covering almost every version from iOS 10 through to the latest version of iOS 12.

“This indicated a group making a sustained effort to hack the users of iPhones in certain communities over a period of at least two years,” said Beer.

The websites delivered their malware indiscriminately and were operational for years, said Google.

Also Read: RBI Extends the Deadline to Update KYC for PhonePe, Paytm

“Earlier this year, Google’s Threat Analysis Group (TAG) discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day,” said Beer.

There was no target discrimination as simply visiting the hacked site was enough for the exploit server to attack the iPhone, and if it was successful, install a monitoring implant.

“We estimate that these sites receive thousands of visitors per week,” said the Google blog post. (IANS)

STAY CONNECTED

18,959FansLike
362FollowersFollow
1,782FollowersFollow

Most Popular

Vaani Kapoor Would Love to do a Biopic on Kalpana Chawla

Actress Vaani Kapoor would love to do a biopic and says it would be an absolute honour for her to play astronaut Kalpana Chawala...

Sonali Bendre: Lockdown Has Given Me No Alternative But to Become Tech Savvy

Actress Sonali Bendre Behl says the lockdown has given her no alternative but to become tech savvy. She adds that is happy to learn...

Sonu Sood: The Real Life Hero

By Venkatachari Jagannathan Sonu Sood, for the Tamil movie viewers, has until now been the actor who played the villain in "Kallazhagar" and several others....

Shoppers can Follow These Tips to Spend Worry Free Days at Malls

By N. Lothungbeni Humtsoe Malls are open and as the footfall starts to pick up, the only one who can ensure your safety on a...

Bacterial Infections May Elevate Risk of Heart Disease in Individuals With Diabetes

Researchers have found that bacterial infections may elevate the risk of coronary heart disease in individuals with type 1 diabetes. For the findings, published in...

Tips to Help you Combat Oral Health Issues

By Puja Gupta Foul breath can be a very embarrassing, putting one in an uncomfortable position. With a little bit of care, this common condition...

WhatsApp Launches ‘Search the Web’ Option to Cross-Check Forwarded Messages

WhatsApp has launched a new 'Search the Web' option that will enable users to check information shared to them via a forwarded message. The 'Search...

Early Blood Test Can Detect Baby Brain Damage Just Hours After Birth

Researchers, including one of Indian origin, have found that an early blood test could detect which babies deprived of oxygen at birth are at...

Recent Comments