The Google Project Zero team discovered a number of malicious sites that could quietly hack the iPhone.
According to Project Zero, users visited these sites thousands of times a week . One visit was enough for the site server to attack the iPhone. If the procedure was successful, a special code was imperceptibly loaded onto the smartphone.
Then the attackers got full access to the device. They could remotely control phone functions and quietly install spyware applications.
These vulnerabilities were used to steal photos and messages from users, as well as to track their location in real time. Hackers could also access saved passwords.
Sites on average existed for two years . The problem affected all iPhones running on iOS 10, iOS 11 and iOS 12.
Google told Apple about this vulnerability in February 2019, providing a week to fix it. After 6 days, Apple released iOS 12.1.4 , which blocks hacking attempts.
The uniqueness of this case is that the hackers did not have specific goals, as is usually the case. Hacked all the iPhones that accidentally hit the sites. [ 9to5Mac ]