Apple has slammed Google for creating a false impression about its iPhones being at hacking risk owing to security flaws that allegedly let several malicious websites break into its iOS operating system.
Researchers working in Google’s Project Zero team had discovered several hacked websites that used security flaws in iPhones to attack users who visited these websites — compromising their personal files, messages, and real-time location data.
In a statement, Apple said the so-called sophisticated attack was narrowly focused, not a broad-based exploit of iPhones “en masse” as described.
“The attack affected fewer than a dozen websites that focus on content related to the Uighur community. Regardless of the scale of the attack, we take the safety and security of all users extremely seriously,” the Cupertino-based iPhone maker said on Friday.
“Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real time’, stoking fear among all iPhone users that their devices had been compromised. This was never the case,” Apple said.
According to Google, the websites delivered their malware indiscriminately and were operational for years.
According to the iPhone maker, “all evidence indicates that these website attacks were only operational for a brief period, roughly two months, not ‘two years’ as Google implies”.
Google’s Threat Analysis Group (TAG) discovered that there was no target discrimination as simply visiting the hacked site was enough for the exploit server to attack the iPhone, and if it was successful, install a monitoring implant.
“We estimate that these sites receive thousands of visitors per week,” said the Google blog post.
Google researchers also said they identified a vulnerability that accessed all the database files on the victim’s iPhone used by end-to-end encryption apps like WhatsApp, Telegram and iMessage.
Apple said that it fixed the vulnerabilities in question in February — working extremely quickly to resolve the issue just 10 days after it learnt about it.
“When Google approached us, we were already in the process of fixing the exploited bugs,” said the company, adding that its product security teams around the world are constantly iterating to introduce new protections and patch vulnerabilities as soon as they’re found.
WhatsApp us
Pingback: 7lab pharma steroids review
Pingback: extramovies bollywood hindi
Pingback: Whois Lookup
Pingback: knockoff Full Hunter Pocket Watch
Pingback: digital marketing agency Hong Kong
Pingback: uniccshop.bazar
Pingback: xnxxx
Pingback: huong dan 188bet
Pingback: Jelly beans
Pingback: cbd oil online
Pingback: w88
Pingback: bitcoin era review
Pingback: 7lab pharma
Pingback: Ahmia Directory of Tor Onion sites
Pingback: porn movie
Pingback: 먹튀검증안전놀이터
Pingback: quality engineering services - QE Services
Pingback: regression testing
Pingback: Intelligent Automation Solutions
Pingback: replicas Watch Hublot
Pingback: fake rolex
Pingback: DevOps solutions
Pingback: Software testing services
Pingback: rolex podr��bka
Pingback: Jacob Medwell
Pingback: http://fake-watches.top/
Pingback: microsoft exchange online plan 1
Pingback: exchange online plan 2
Pingback: elojob
Pingback: copy omega chronometer
Pingback: buy psilocybe cubensis spores mushroom online for sale overnight delivery usa canada uk australia
Pingback: penis envy
Pingback: fake id
Pingback: rarible nft