In August 2019, Google pointed out a security glitch in iOS that involves the release of users’ sensitive information.
It was Google’s Project Zero security researchers who found the glitch. In the report, it stated that cybercriminals had infected some websites with malware; which infiltrated iPhones to steal data from various applications such as Telegram, Hangouts, iMessage, Gmail, Photos, and Contacts. The malware also tracked GPS location in real-time.
The news created an upheaval amongst iPhone users. They expressed their anxiety on various social media channels.
But, it turns out, Apple already knew about the security threat early this year. And they were even able to fix it right away. Subsequently, Apple released a security patch in early February as iOS 12.1.4. However, Apple confirms that the malware was targeting the Uighur community in China.
In Apple’s statement, all iPhones are safe from any latest security threats. Later on, Apple also accused Google of inducing panic to their consumers.
“Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real-time,’ stoking fear among all iPhone users that their devices had been compromised. This was never the case,” Apple said.
It continued, “iOS security is no match because we take end-to-end responsibility for the security of our hardware and software. Our product security teams around the world are constantly iterating to introduce new protections and patch vulnerabilities. We will never stop our tireless work to keep our users safe.”
Google’s Response To The Accusation
Google did not put into detail how they found the malware.
“There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and it if was successful, install a monitoring implant,” Google said.
“Project Zero post technical research that aims to advance the understanding of security vulnerabilities, which leads to better defensive strategies,” Google’s respond to Apple’s statement.
“We stand by our in-depth research which focus on the technical aspects of these vulnerabilities. We will continue to work with Apple and other leading companies to help keep people safe online,” the response continued.
Emergency Patch For The iPhone
Last month, the Cupertino tech giant released an emergency fix for the iPhone due to a highly-publicized error. Wherein, Apple accidentally reopened a vulnerability in their iOS 12.4 released that enables a current-generation iPhone to be jailbroken and hacked.
An iPhone jailbreak removes device restrictions by the manufacturer. The end goal of a jailbroken iPhone is to allow users to install unauthorized software on their phones. A loophole in coding must be found to jailbreak the phone. Whereas, the new jailbreak now focused around the SockPuppet vulnerability.
When the security threat resurfaced, Apple fixed it in their latest version of its code, the iOS 12.4 that they released in June.
Jailbroken iPhones Required by Security Researchers?
In order to study the coding and to dive deeper into jailbroken iPhones, security researchers need to be able to jailbreak an iOS device.
Apple is willing to let the researchers do this and said that they will give out less restricted iPhones to the researchers as part of their program.
The latest slip-up by Apple was a goldmine for researchers because it let them study the most updated version of iOS today.
Google’s Project Zero
Project Zero is a group of security analysts that are employed by Google. The analysts’ job here is to find zero-day vulnerabilities, the secret hackable bugs.
The need for Project Zero came after a number of flaws found in software used by many users to research other problems.
The team says that approximately 96% of the security bugs they find are rectified before the 90-day deadline for public disclosure. So far, the researchers of the security unit have reported a total of 1,585 vulnerabilities since 2014.
Despite all of the issues, Apple remains firm about the strength of their security across all of their devices. Still, it’s best to keep your iOS devices updated at all times to avoid experiencing any bugs or worse. As security threats could compromise your personal information.
