Massive iPhone Hack Targeted 1 Billion Users And The Culprit Is A Nation State Actor

Apple iPhone Xs Max lifestyle 09122018
Last week we reported on multiple flaws in iOS that were found by Google's Project Zero team that primarily affected iPhones. There were a total of 14 vulnerabilities uncovered, which included exploits for the Safari web browser and the iOS kernel itself. Amazingly, perpetrators of these exploits were able to perform "drive by" attacks to pilfer photos, user contact details, and app data from users that simply visited malicious websites with their iPhones.

While Apple was quick to fix the vulnerabilities when it was alerted about them, we didn't learn last week who had actually carried out the attacks using these previously unknown vectors. Now, thanks to reporting from TechCrunch, we have a good idea of who was behind the scheme and who the targets were. According to the report, the attacks were state-sponsored, with the likely perpetrator being China

The target of the attacks was the primarily Muslim Uyghur community residing in China's Xinjiang territory (autonomous region). Muslims are a minority in China, and the government has been accused of spying on the community and even placing people in internment camps. The Chinese government's efforts to infiltrate the Uyghur community were aided by the iOS vulnerabilities with devastating effects.

Apple iPhone Xs line up 09122018

With "thousands of visitors" accessing malicious website, not only was their private data captured, but their location data was also made visible, allowing them to be tracked on command by the Chinese government. While the Uyghur community was the primary target, anyone that visited the malicious websites put their personal data and location details at risk.

If you have an iPhone in your possession, the chances are that you are already protected against the iOS and Safari exploits. After Apple was notified in early February 2019 of the vulnerabilities, they were fixed with iOS 12.1.4 on February 7th.

The most currently public release of Apple's mobile operating system is 12.4.1. Apple's next generation iOS 13 will be released to the public later this month following the launch of this year's family of iPhones.

Show comments blog comments powered by Disqus