Google reveals years-long ‘indiscriminate’ iPhone hack

Once installed, the malicious software primarily focused on stealing files and uploading live location data. (File/Shutterstock)
Updated 30 August 2019

Google reveals years-long ‘indiscriminate’ iPhone hack

  • Most of the vulnerabilities targeted were found in the iPhone’s default Safari web browser
  • Once embedded in a user’s iPhone, the malicious software sent back stolen data

WASHINGTON: Google security experts uncovered an “indiscriminate” hacking operation that targeted iPhones over a period of at least two years and used websites to implant malicious software to access photos, user locations and other data.
In a post Thursday on the blog of Google’s Project Zero security taskforce, cyber experts did not name the hacked websites hosting the attacks, but estimated they received thousands of visitors a week.
“Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant,” said Project Zero’s Ian Beer.
Once installed, the malicious software “primarily focused on stealing files and uploading live location data,” Beer said, adding it had been able to access encrypted messenger apps like Telegram, WhatsApp and iMessage.
Google hangouts and Gmail had also been affected, he added in the post, which provided a detailed breakdown of how the malicious software targeted and exploited iPhone vulnerabilities.
Most of the vulnerabilities targeted were found in the iPhone’s default Safari web browser, Beer said, adding that the Project Zero team had discovered them in almost every operating system from iOS 10 through to the current iOS 12 version.
Once embedded in a user’s iPhone, the malicious software sent back stolen data, including live user location data back to a “command and control server” every 60 seconds.
Beer said Google had informed Apple of the attacks in February, and Apple subsequently released a security patch for the iOS 12.1.
Long the driver of Apple’s money-making machine, iPhone revenue overall was down 12 percent from last year to $26 billion.
The tech giant sent out invitations on Thursday to a September event at its Silicon Valley campus where it is expected to unveil a new-generation iPhone.


Twitter ties 130 accounts trying to disrupt first Trump-Biden debate to Iran

Updated 01 October 2020

Twitter ties 130 accounts trying to disrupt first Trump-Biden debate to Iran

  • Says it was able to identify the threats based on information from the FBI

RIYADH: Twitter on Thursday said it has expunged more than a hundred accounts that tried to interfere with the public debate between US President Donald Trump and his Democratic challenger Joe Biden on Tuesday night.

"Based on intel provided by the @FBI, last night we removed approximately 130 accounts that appeared to originate in Iran. They were attempting to disrupt the public conversation during the first 2020 US Presidential Debate," the American social networking service said in a statement.

 

"We identified these accounts quickly, removed them from Twitter, and shared full details with our peers, as standard. They had very low engagement and did not make an impact on the public conversation. Our capacity and speed continue to grow, and we'll remain vigilant," it said.

"As standard, the accounts and their content will be published in full once our investigation is complete. We’re providing this notice to keep people updated in real time about our actions. We wish to thank the @FBI for their assistance," Twitter said.

Iran and China are suspected of trying to interfere in the forthcoming US election to help Biden win, while Russia is said to have continued supporting Trump.

 

Weighing in, Twitter users took sides, with some slamming Iran and others blaming the social networking site for favoring the US president.

 

"Those activities against the American people were directed by (Iranian supreme leader) Ali Khamenei who has multiple accounts on Twitter. Perhaps Khamenei shouldn't have Twitter accounts to promote his malicious activities," tweeted Sam Kermani. @CTGR8

"Iran must be a lot worse then China, Russia, lots of other country's and even a ton of organizations in the United States with not getting caught doing that sort of stuff," added @mike10dude.

Alfredo Montanez (@Deadpool650) said Twitter should also "remove Trump's tweets when he posts fake information about voting information and Covid19 instead of just putting a label on it."

"Thank you. Would you mind banning the account of our biggest threat to democracy, Donald Trump?" chimed in Helen Armstrong (@HelenArmstrong5).