Google undiscovered a set of websites which were delivering malware into the iPhone sites. These websites had malware that is aimed for only iPhone users. According to a report, these websites were visited thousands of times till now. They were pretty active for a long time now.
There is no need for doing anything while you are on this site. Just visiting this hacked site was enough to exploit the things. The hacker can get into your device with ease. Another bad news here is that they can install a monitoring plant directly into your device. According to the estimate, these sites receive some thousands of visitors every week.
Apple Was Unaware of This Attack that Can iPhones from Years:
Apple was completely unaware of this issue and they don’t even know that it existed. The exploiter took this as an advantage. This is a zero-day situation which means the company doesn’t know what is happening at all. This vulnerability made it even easier for hackers to get into the devices now.
In general, the zero-day attacks are more effective when compared to the normal attacks. As the company doesn’t even know what the vulnerability is, it becomes tough to fix it.
iPhone exploits are very expensive and in general, it is not easy to hack these devices. The exploit price of iPhone in the market is 3 million USD and this is just the starting price.
The vulnerabilities in iPhone OS, kernel, browser, and sandbox are designed to keep the code running. According to BEER, Google was able to collect five different iPhone exploit chains and these five had 14 vulnerabilities. These chains were capable of exploiting versions of iOS 10 to iOS 12. At least one of these chains were zero-day when they are discovered.