Google says a bunch of malicious websites have been secretly hacking iPhones for years

When you think of Apple products, you tend to think of them as more secure. Apple’s control over both hardware and the software that runs on it has made most users think they’re immune to viruses and other hacks.

They’re wrong in this assumption, as a group of researchers at Google have discovered a massive attack against iPhone users, that was using hacked websites to deliver the payloads.

The scary part? Just visiting the website on your iPhone is enough to get you attacked, and possibly infected by a monitoring implant.

A group of malicious websites has been hacking iPhones for years

Google’s Threat Analysis Group (TAG) collected five distinct iPhone exploit chains, based on combinations of 14 vulnerabilities. That level of sophistication means this is likely someone with huge backing, maybe even a nation-state. That’s because iPhone exploits are expensive, due to the difficulty of actually successfully attacking the device.

• TAG estimates that each of the malicious websites gets thousands of visitors per week
• Once installed, the monitoring implant stole files and uploaded live location data
• The monitoring implant could also see encrypted messages from services such as WhatsApp, Telegram, and iMessage, as it had access to a user’s keychain, the secure area that Apple stores user passwords and encrypted databases of those messaging services
• Rebooting the iPhone is enough to clear the infection, as the implant doesn’t have a persistent install

Yikes. I mean, this is terrifying. If you went to one of the unnamed sites, hackers have all your messages, all your passwords, all your logins… Apparently the A12 chip in the iPhone XS is mostly immune, but anyone with older devices could have been compromised. Probably a good idea to change all of your passwords, again.

Build software without devs. Blazingly fast. Trusted by 100,000+ teams worldwide. It's so easy, anyone can use it. Start building now.

Try it for FREE

"Just Write Your Damn Book Already” is a printable guidebook that helps you turn ideas into manuscripts. It’s affordable and perfect for aspiring authors

Get Your Copy Now

Learn AI in 5 Minutes a Day. We'll teach you how to save time and earn more with AI. Join 70,000+ free daily readers for trending tools, productivity-boosting prompts, the latest news, and more.

Sign up - It's FREE

What do you think? Surprised by the news? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

• Apple is finally letting independent businesses repair your iPhone
• Gmail has been keeping tabs on every single purchase you’ve made
• An Android app with 100 million downloads was pulled for spreading malware
• This sportswear from Wisenfit will literally supercharge your workouts

Joe Rice-Jones

Maker, meme-r, and unabashed geek with nearly half a decade of blogging experience. If it runs on electricity (or even if it doesn't), Joe probably has one around his office somewhere. His hobbies include photography, animation, and hoarding Reddit gold.