We are usually used (although it should not be so) to our phones to become infected with a virus or malware by downloading applications that we should not. This is our daily bread but Apple and its iPhone is not that they are safe from burning. In fact, Google claims that thousands of Cupertino’s phone units could have been infected (and hacked) simply by visiting a series of web pages.
Google’s security researchers say they have found a number of malicious websites that, when visited, can hack the victim’s iPhone harmlessly, without even knowing it. This is achieved by exploiting a series of vulnerabilities present in iOS that Apple would not be aware of. According to the company, these websites were visited thousands of times per week.
Simply by visiting the “altered” site, it is enough for the server to attack the access device to that web page. If the work was successful, the website may monitor the Apple phone.
The researchers found five different vulnerabilities that accumulate a dozen security flaws, feel them present in Safari, the iPhone web browser. All of them together allow an attacker to gain access to the root of the device, the highest level of access and privileges that can be achieved on an iPhone. In this way, an attacker could gain access to features that normally have a prohibited access for the user.
This means nothing more than an attacker could silently install malicious applications to spy on an iPhone owner without his knowledge or consent. In fact, Google claims that these vulnerabilities were used to steal photos and messages from the user, as well as track their location almost in real time. The “virus” could also have had access to the bank information hosted on the device and the saved passwords.
These vulnerabilities were present in software versions from iOS 10 to iOS 12 and Apple has corrected them in iOS 12.1.4. For this reason, having spent 90 days since the discovery and notice of them by Google to Apple, the Internet giant has now made this information public.