Google says hackers have been putting ‘monitoring implants’ in iPhones for years

Support us and go ad-free

Hackers have been using compromised websites to install “monitoring implants” in iPhones for years, according to researchers at Google.

The malicious software gathers users’ images, contacts and other information.

Ian Beer, from Google’s Project Zero, said in a blog post that the hacked sites had received thousands of visitors each week.

Beer said:

There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, to install a monitoring implant.

Project Zero is the technology company’s team for examining new security vulnerabilities.

Beer said most of the security flaws were found within Safari, the default web browser on Apple devices.

Read on...

Support us and go ad-free

Operating systems from iOS 10 to iOS 12 were targeted in the hack, which was able to access users’ apps including Instagram, WhatsApp and Gmail.

Google said it reported the security issues to Apple on February 1.

Apple then released an operating system update on February 7.

iPhone users should check their device is running the most up-to-date version of iOS in order to ensure they are protected from the flaw.

Users can check their software version by going to the Settings app on their device, selecting General and then tapping on the Software Update option.

Any required updates will then be displayed here, which users can select to install.

The most recent update currently available is iOS 12.4.1.

Beer warned that while the implant is not saved on Apple devices, it can again provide access to hackers when the owner visits a “compromised site”. He continued:

Given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services by using the stolen authentication tokens from the keychain, even after they lose access to the device.

Apple did not immediately respond to a request for comment.

A man using an Apple iPhone 4s with iOS 8.1 software
The most recent update currently available is iOS 12.4.1 (Lauren Hurley/PA)

Apple’s iOS is considered one of the most secure operating systems available because both it and the devices it runs on are built and managed by Apple – with little chance for gaps to appear between hardware and software that could be exploited by hackers.

The general security of the technology giant’s devices has also previously placed it at odds with intelligence services in the US.

Apple was involved in a stand-off with the FBI in 2016 over access to the phone of a terror suspect in the San Bernardino shooting in California.

The FBI had asked Apple to create a software “back-door” to get around the phone’s security settings and access data on the suspect’s iPhone, but the tech firm refused.

Apple argued that overall user privacy was paramount and that creating a back-door to its software could place all iPhone users at risk should the tool ever fall into the wrong hands.

Support us and go ad-free

We need your help to keep speaking the truth

Every story that you have come to us with; each injustice you have asked us to investigate; every campaign we have fought; each of your unheard voices we amplified; we do this for you. We are making a difference on your behalf.

Our fight is your fight. You’ve supported our collective struggle every time you gave us a like; and every time you shared our work across social media. Now we need you to support us with a monthly donation.

We have published nearly 2,000 articles and over 50 films in 2021. And we want to do this and more in 2022 but we don’t have enough money to go on at this pace. So, if you value our work and want us to continue then please join us and be part of The Canary family.

In return, you get:

* Advert free reading experience
* Quarterly group video call with the Editor-in-Chief
* Behind the scenes monthly e-newsletter
* 20% discount in our shop

Almost all of our spending goes to the people who make The Canary’s content. So your contribution directly supports our writers and enables us to continue to do what we do: speaking truth, powered by you. We have weathered many attempts to shut us down and silence our vital opposition to an increasingly fascist government and right-wing mainstream media.

With your help we can continue:

* Holding political and state power to account
* Advocating for the people the system marginalises
* Being a media outlet that upholds the highest standards
* Campaigning on the issues others won’t
* Putting your lives central to everything we do

We are a drop of truth in an ocean of deceit. But we can’t do this without your support. So please, can you help us continue the fight?

The Canary Support us