Researchers from Google have revealed that it found critical flaws in Apple which gave hackers the root access to several iPhones through malicious websites. A research team from Google’s Project Zero, has published a report yesterday mentioning that it has found out malicious websites which could have been used to infect and hack several of iPhone devices. In what is being described as “one of the largest attacks against iPhone users ever,” several users were ‘indiscriminately’ targeted using several hacked websites over a period of two years.
“Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week.” said a Google security researcher from Project Zero, Ian Beer. These flaws made every iPhone running iOS to iOS 12.1.4 vulnerable.
The hackers used previously undiscovered security flaws to attain the ‘root’ level access on the smartphone which is the highest level of access on iPhone devices. Google researchers found as much as five exploit chains with 12 security flaws which were used to access user data including their photos, messages and locations.
Google says that it gave these details to Apple in February which issued a security fix for these flaws within 10 days. The updates were rolled out to users through iOS 12.1.4.