According to Google, thousands of iPhones were hacked just by visiting a seemingly harmless website. As Google Project Zero documented, this incident calls the entire security of iPhones into question.
While it was previously assumed that "normal people" were not affected by iPhone hacks, every Apple user now has cause for concern.
How could iPhones be hacked?
Unfortunately, there are still some ambiguities, but it is already clear:
- Visiting a specially prepared page was enough, and the iPhone was infected. The attack tools targeted, among other things, all passwords, encrypted WhatsApp, Telegram & Skype chats, and emails. GPS tracking was also implemented.
- The security vulnerabilities had been exploited for several years! iOS 10, 11, and 12 were affected.
- After a reboot of the iPhone, the danger is eliminated – as soon as you revisit the website, a new infection occurs.
- The attacks were specifically aimed at iPhone users, although similar attacks on Android and Windows are also known. Newer iPhones with A12 or A12-X CPUs were not affected.
- The exploited security vulnerabilities have already been closed by Apple with the last update and can no longer be exploited. However, it is probably only a matter of time before further security vulnerabilities are found.
- All attacks only went through Safari. If you use Chrome or Firefox on the iPhone, you are still safe.
Who is behind the iPhone hack?
It is suspected that the Chinese government is behind the attack. However, Google has not yet revealed which websites are or were infected. It was probably about monitoring the Uyghurs, a Muslim minority in China.
Self-help for iPhone Hack
No one should now rely on the fact that China is far away. Certainly, other states also use similar means.
Immediate help can currently be provided by changing the browser and by completely restarting the iPhone. And please always install all updates!
