Google Security Crew Sheds Light on Long-Running iOS Spyware Operation

Google's Project Zero, working with Google's Threat Analysis Group (TAG), recently shed light on a long-running iOS spyware operation.

Google's Project Zero warned Apple's iPhone users that their phones and personal data had been exposed to attack. The disclosure came on the same day Apple confirmed the date of its iPhone 11 launch event. Apple users took the news as a serious threat, and Apple has since moved to raise its security bar and address these classes of flaw.

Cybersecurity experts also added that "a couple of iOS flaws that Apple patched back in February had been under attack for years". Project Zero bug hunter Ian Beer explained how fourteen vulnerabilities in different components of the OS, from the Safari browser down to the kernel, were combined into exploit chains that covertly installed spyware on the devices of anyone who visited a small set of hacked websites.

It is regarded as one of the most serious attacks on iOS users discovered to date.

How was iOS hacked for years, and what did the attackers want?

The campaign ran for at least two years. The attackers used a small set of websites they had already compromised as watering holes, serving the exploits to every iPhone that visited. Five separate exploit chains gave the attacker root, the highest level of access on the device. Once they had root, the attackers installed a monitoring implant that spied on the user's phone without any visible sign to its owner.

Ian Beer added that the attackers were after more than photos, videos and data such as messages and emails: the implant also collected the user's real-time location and the contents of the device keychain, including saved passwords and authentication tokens that could unlock online banking and electronic payment accounts.

The attackers kept their tooling current, adding exploits for new iOS versions and iPhone models as they were released, covering iOS 10 through iOS 12 and models from the iPhone 5s to the iPhone X. The nature of the operation also shed light on how Apple approaches software development, patching and testing.

What else did Google reveal?

Ian Beer said that "there was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your personal device, and if it turned out to be successful, they installed a monitoring implant."

Estimates suggest that these websites received thousands of visitors per week, a large pool of potential victims.

Operating system internals researcher Jonathan Levin stated that this is the first time these types of vulnerabilities have been used at this scale on the Internet. iPhone users who visited those websites were served malicious code without knowing it.

He added that it takes massive resources and knowledge to hack millions of iPhones and run such an operation for more than two years. He doubted that an individual hacker or a small group could have done this; it was more likely the work of a nation state, in other words state-sponsored cyber espionage. He described the attackers as skilled and experienced, and almost certainly part of an intelligence community. Google's post did not attribute the campaign to any country; subsequent press reporting, citing sources familiar with the matter, said the hacked sites were aimed at an ethnic minority, China's Uyghur Muslim community.

Supporting this, human rights groups and analysts estimate that more than one million members of the Uyghur Muslim minority in Xinjiang are held in internment camps, and the region is blanketed with surveillance technology used to monitor and oppress the population.

How Did Apple Fix the Flaws?

Beer further explained that "the fourteen flaws were grouped into five independent chains, and each chain of vulnerabilities had a combination of sandbox escapes, kernel bugs, and elevation of privilege flaws that helped the attacker to hop from loading a web page to executing code as root."

Given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services by using the authentication tokens stolen from the keychain, even after they lose access to the device. The implant itself did not survive a reboot, so the stolen tokens and passwords are the lasting risk: for anyone who suspects exposure, changing passwords and revoking active sessions on the affected accounts is the only way to close that door.

Beer said there are no specific measures an individual can take to stop this kind of attack. What users can do is stay conscious of the fact that mass exploitation still exists and behave accordingly. Anyone who does not take the issue seriously should assume that there are attackers out there watching their online activity who have the means to steal their data and use it against them.

Google's Project Zero is a team of white-hat hackers set up to find security vulnerabilities in widely used technology, whichever tech giant makes it. Google privately disclosed the vulnerabilities to Apple on 1 February 2019 and asked Apple to release a patch within a week, its standard seven-day deadline for bugs under active exploitation.

Before the flaws could do further damage, Apple rolled out iOS 12.1.4 on 7 February 2019 for the iPhone 5s and later and the iPad Air and later, fixing the flaws. Apple's release notes describe the underlying bugs as memory corruption issues addressed with "improved input validation".

Coming to a Conclusion

Having discussed how Google's security team shed light on the long-running iOS spyware operation, I hope you are more aware than before. Apple is now focusing more on security vulnerabilities and investing more in general security and privacy protection. You now know how the attack took place and how the attackers could have used your data.

crazedpare