Specialists of the company Google announced one of the largest in the history of cyber attacks on the owners of iPhone. According to them, the attackers hacked a number of websites and use them to infect iOS devices with malware via zero-day vulnerabilities in the operating system. About the vulnerabilities, as the most malicious campaign, was not known for several years.
In the framework of the malicious unknown hacked sites, whose audience consisted of a few thousand users a week. Victims was enough to go on the compromised resource, and on their iPhone immediately loaded the malware. Click on elements of the site and scrolling pages was not necessary.
Malware could steal victims ‘ sensitive information, including photos from iMessage and GPS coordinates of your current location. The malware also had access to the passwords in the Keychain, and the database unencrypted messages in the services for communication such as Google Hangouts and even for encrypted messages WhatsApp, iMessage and Telegram.
After rebooting, the iPhone malware was removed, but the device and its owner remained vulnerable to cyber attacks.
In total, the Google Threat Analysis Group found five separate, unique exploits for 14 vulnerabilities, including zero-day. Researchers have notified Apple about them in February of this year, and the company fixed them with the release of iOS 12.1.4. The vulnerabilities affect all versions of iOS, starting from iOS 10 and ending with iOS 12.1.2 inclusive.
Company Positive Technologies is conducting a study on how much time I spend security professionals to work in the SIEM-systems and offers to anonymously answer a few questions https://surveys.hotjar.com/s?siteId=1095096&surveyId=140403.
Read more •••