Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Uncategorized

Apple: Security Report on iPhone Hack Created ‘False Impression’

Apple hit back Friday at a Google research report suggesting iPhones may have been targeted by a long-running hacking operation, calling it inaccurate and misleading.

Apple hit back Friday at a Google research report suggesting iPhones may have been targeted by a long-running hacking operation, calling it inaccurate and misleading.

Apple spokesman Fred Sainz said in a statement the research released by Google created a “false impression” that large numbers of iPhone users may have been compromised.

Sainz said that contrary to what Google claimed, the incident was a “narrowly focused” attack which affected “fewer than a dozen websites that focus on content related to the Uighur community, an ethnic minority in China.

“Regardless of the scale of the attack, we take the safety and security of all users extremely seriously,” he wrote.

“Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real time,’ stoking fear among all iPhone users that their devices had been compromised. This was never the case.”

Researchers with Google’s Project Zero security taskforce said last week that an “indiscriminate” hacking operation that targeted iPhones used websites to implant malicious software to access photos, user locations and other data.

“Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant,” said Project Zero’s Ian Beer.

Sainz said Apple believes that the website attacks were operational for roughly two months, not two years as Google implied. 

“We fixed the vulnerabilities in question in February — working extremely quickly to resolve the issue just 10 days after we learned about it,” Sainz said.

“When Google approached us, we were already in the process of fixing the exploited bugs. Security is a never-ending journey and our customers can be confident we are working for them.”

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cybersecurity Funding

B2B payment security provider NsKnox raised $17 million in a new funding round that brings the total raised by the company to $35.6 million.

Uncategorized

Privacy experts have said they fear pregnancies could be surveilled and the data shared with police or sold to vigilantes.

Uncategorized

Regularly rebooting smartphones can make even the most sophisticated hackers work harder to maintain access and steal data from a phone

Uncategorized

An Italy-based firm's hacking tools were used to spy on Apple and Android smartphones in Italy and Kazakhstan, Google said Thursday, casting a light...

Funding/M&A

Steven Mnuchin’s Liberty Strategic Capital acquires majority stake in Dallas, Texas-based Zimperium 

Uncategorized

Google has removed roughly 1,700 unique applications from its Google Play app store that were part of a family of potentially unwanted programs. 

Uncategorized

The US Senate voted Thursday to bar TikTok from being downloaded onto US government employees' telephones, intensifying US scrutiny of the popular Chinese-owned video...