Shulou(Shulou.com)05/31 Report--

Security researchers on Google's Project Zero team said they found many hacked websites that indiscriminately attacked any iPhone accessing them by exploiting previously undisclosed security vulnerabilities. Motherboard reported that the attack may be one of the largest attacks against iPhone users. If a user accesses one of these malicious sites using a vulnerable device, their personal files, messages and real-time location data could be compromised. After releasing its findings to Apple, the iPhone maker fixed the vulnerabilities earlier this year.

Motherboard noted that the attack may have caused these sites to install implants that could access iPhone keychains. This would give attackers access to any credentials or certificates contained therein and allow them to access databases of security-seeming messaging apps such as WhatsApp and iMessage. While these applications use end-to-end encryption to transmit messages, if the endpoint device is vulnerable to this attack, an attacker can access previously encrypted messages in plain text form.

IOS versions 10 to 12 are affected.

This attack is noteworthy because it is so indiscriminate. Other attacks are usually more targeted, with individual links sent to the target. In this case, just visiting a malicious site is enough to be attacked and an implant can be installed on the device. Researchers estimate that thousands of visitors visit compromised websites each week.

If the user restarts the phone, the implanted malicious website installation will be deleted. However, the researchers said that because an attack would disrupt a device's keychain, an attacker could gain access to any authentication tokens contained within, which could be used to maintain access to accounts and services long after the implant disappears from the compromised device.

The researchers said they found 14 vulnerabilities in five different development chains, one of which had not been fixed at the time of the researchers 'discovery. IOS versions 10 through 12 are affected by the vulnerability, which the researchers say indicates attackers have been trying to attack users for at least two years.

The team said they contacted Apple in February to report the vulnerability and gave the company seven days to fix it. TechCrunch notes that this is shorter than the typical 90-day period researchers typically provide and may reflect the severity of the vulnerability. Apple iOS 12.1.4 fixes these vulnerabilities and fixes a major FaceTime security vulnerability.

Although these vulnerabilities have now been fixed, the researchers note that they may have many more vulnerabilities that have yet to be discovered. "For the activity we've seen, there's almost certain other activity to watch," they wrote. "You can find the full details of the exploit in the researcher's blog post.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.