According to Google, thousands of iPhones were hacked just by visiting an actually harmless website. As the Google Project Zero has documented, this incident calls into question the overall security of iPhones.
If it could previously be assumed that “normal people” would not be affected by hacks to the iPhone, now every Apple user has to worry.
How could iPhones be hacked?
Unfortunately, there are still some ambiguities, but it is already clear:
- A visit to a specially prepared page was enough to infect the iPhone. The attack tools targeted all passwords, encrypted chats from WhatsApp, Telegram & Skpe and e-mails. GPS tracking was also implemented.
- The vulnerabilities have been exploited for several years! Affected were iOS 10, 11 and 12.
- After a reboot of the iPhone the danger is removed – as soon as you go to the website again, a new infection occurs.
- The attacks were targeted at iPhone users, but similar attacks on Android and Windows are also known. Newer iPhones with A12 or A12-X CPUs were not affected.
- The exploited security gaps were already closed by Apple with the last update and can no longer be exploited. But it is probably a question of time when further security holes will be found.
- All attacks were only made via Safari. If you use Chrome or Firefox on your iPhone, you are still safe.
Who is responsible for the iPhone Hack?
It is speculated that the Chinese government is behind the attack. However, Google has not yet revealed which websites are or were infected. Probably it was about the surveillance of the Uighurs, a Muslim minority in China.
Self-help for the iPhone Hack
No one should now rely on China being far away. Certainly other countries are using similar methods.
Immediate help can be found by changing your browser and restarting your iPhone completely. And please always install all updates!