Apple often boasted about how secure the iPhone has always been though the reality could be far from that. A recent security analysis by Google’s Project Zero has found several websites that could hack into the iPhone thanks to a series of software flaws that existed in the subsequent iOS versions.
As described by the Project Zero researcher Ian Beer, the websites containing the malicious codes count visitors in the thousands every week. Further, simply visiting the site is all that would be needed for the iPhone to be hacked. Ian also claimed the iPhones could have been hacked for at least two years or maybe even more.
What should be even more worrisome is that the hackers could establish root access to the affected iPhones. That would mean the entire device along with all its features were fully accessible to the hackers, which includes photos, messages and everything.
Among the other things that too has been accessible to the hackers is precise location details as well as the entire list of passwords that might have been saved on the iPhone. Interestingly, there have been no reports so far of any major security breach for any group of iPhone users given the scale of successful attacks that were possible over the extended period of time.
Also, as per the details put forth by the researchers, its five exploit chains that were found exploiting a dozen security flaws of which, seven are associated with the Safari itself. For those who might have been living under the rock, Safari happens to be the go-to browser on every Apple device including the iPhone.
Google, however, said the matter was already brought to the notice of Apple and that the latter was provided a week to sort things out. That was back in February 2019 and fortunately, Apple did a fine job in sealing the loopholes with iOS version 12.1.4. In other words, all iPhone and iPad devices post iPhone 5s and iPad Air can be considered to be immune to the known attacks for now.
However, researchers have warned other vulnerabilities might be present though there sure are constant efforts to isolate and nullify such threats effectively.
