The information on another iPhone hack comes as another blow to the Silicon Valley company. This after a recent news article reveals that the company was sending a small percentage of Siri recordings to 3rd party contractors.
Google’s Threat Analysis Group reveal the discovery a continuous iPhone hack that was “indiscriminate.” The hack they say went for 2 and a half years targeting iPhone users, giving unauthorized access to messages, photos, GPS data, address books, and more.
How did they do it?
The hack went for around two and a half years exposing billions of iPhones users to attack. The hack was orchestrated using several websites. These sites deliver malware to unsuspecting visitors. However, this was not for iPhone users only. Android users were equally vulenrable to attack. It only takes a visit the website – no interaction needed. This hack was so effective that even iPhones equipped with the latest updates were no match for the malware.
Once the malware gains access to the iPhone, all user information becomes available to the attackers. Valuable data such as passwords, messages on popular apps, and even location was automatically uploaded.
The good news is that the malware was automatically removed once the iPhone was restarted. This comes as a small reassurance since nobody would shutdown or even restart their smartphone if It was working properly – would you? And restarting would not erase data or stop the attackers from using your personal information.
Researchers say that the hack exploits security flaws, including Safari – iPhone’s built-in web browser. After gaining entry to the device, the malware gains root access giving hackers access to the iPhone. This means the attacker has administrator privileges which was unavailable even to the phone’s owner. The hacker could also install apps even without the owner’s knowledge.
Government Sponsored Hacking
Even with the hundreds of millions of iPhone users around the world, it would highly be unlikely that the effect on iPhone users would be that great. The sites were mainly targeting China’s Uighur minority. This isn’t surprising since the Chinese government actively monitors its Uighur Muslim population.
It wouldn’t be the first time that the Chinese government employ technology to track its population. This includes the use of facial recognition software. Visitors at Xinjiang’s borders also had to download malware on their devices to scan files containing Islamic content.
Apple and Google – Who has the safer OS?
The information comes from Project Zero researchers, Google’s external security team. Since its creation in July 2014, the team has reported nearly 1,600 hardware and software vulnerabilities. The team has its share of flak in the past, especially from vendors who were given 90 days before Project Zero made its findings public.
The fact is that these sites did not only target a specific brand of phone. It has the capability to hack both Androids and iPhones. Google’s relative silence on Android phones being equally susceptible to the attack also raises some eyebrows. Project Zero manager Tim Willis defends the company’s announcement saying that the iOS hack was identified in January while Volexity’s research was only discovered later this year.
Volexity, a Washington D.C. cybersecurity firm in its findings shows how websites would automatically hack Android phones users who visit these sites. Volexity characterize this hack as a “watering hole” attack. This tactic they say did not target anyone, in particular. These attacks were indiscriminate and affects anyone visiting the site iPhone or not.
The fact is that iPhones continue to be the most expensive smartphones in the market today. If you consider how much an average Chinese worker makes, few could actually afford an iPhone.
According to Statista.com, there were 480 million smartphone users in China in 2014. Estimates predict this to grow to 690 million in 2019. Of these, Android has a 73.24 percent share of mobile operating systems. And if you factor how much the average worker in China makes, all the numbers point to Android phone users being more likely to be susceptible to the attack.
The real concern here is state-sponsored hacking. The idea of this iPhone hack being employed towards any group of users can be disturbing. So what’s going to stop any government from “monitoring” its citizens?
Is the iPhone 11 worth its price?
Apple certainly does not enjoy the same technological advantage over its competitors a few years before. In fact, some of the other manufacturers beat the company in its own game by managing to roll-out better smartphones at lower prices. So what makes iPhones more expensive? Call it branding, but most iPhone users believe that their devices are more secure .
With the recent launch of the iPhone 11 this September, the timing of this news can have a negative effect on customer sentiment. However, it remains to be seen if this can hurt new iPhone sales.
We would certainly like to hear from you if this would affect your decision to grab the latest iPhone and your thoughts on Apple’s latest offering. Love that camera?