According to Google, thousands of iPhones were hacked just by visiting an apparently harmless website. As documented by Google Project Zero, this incident calls into question the entire security of iPhones.
While previously one could assume that ‘ordinary people’ were not affected by iPhone hacks, now every Apple user must be concerned.
How Were iPhones Hacked?
Unfortunately, some uncertainties still exist, but it’s already clear that:
- Simply visiting a specially prepared website was enough to infect the iPhone. The attack tools targeted all passwords, encrypted chats from WhatsApp, Telegram & Skype, and emails, among other things. GPS tracking was also implemented.
- The security vulnerabilities had been exploited for several years! iOS 10, 11, and 12 were affected.
- The threat is eliminated after rebooting the iPhone – but as soon as you visit the website again, a new infection occurs.
- The attacks were specifically targeted at iPhone users, although similar attacks on Android and Windows are also known. Newer iPhones with A12 or A12-X CPUs were not affected.
- The exploited security vulnerabilities have already been closed by Apple with the latest update and can no longer be exploited. However, it’s probably only a matter of time before more security gaps are found.
- All attacks were only through Safari. If you use Chrome or Firefox on your iPhone, you remain secure.
Who Is Behind the iPhone Hack?
It is suspected that the Chinese government is behind the attack. However, Google has not yet revealed which websites are or were infected. It was likely about surveillance of the Uyghurs, a Muslim minority in China.
Self-Help for iPhone Hack
No one should now rely on the fact that China is far away. Certainly, other states are using similar methods as well.
Immediate relief can currently be achieved by changing the browser and by a complete restart of the iPhone. And please always install all updates!
