Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Uncategorized

Apple: Security Report on iPhone Hack Created ‘False Impression’

Apple hit back Friday at a Google research report suggesting iPhones may have been targeted by a long-running hacking operation, calling it inaccurate and misleading.

Apple hit back Friday at a Google research report suggesting iPhones may have been targeted by a long-running hacking operation, calling it inaccurate and misleading.

Apple spokesman Fred Sainz said in a statement the research released by Google created a “false impression” that large numbers of iPhone users may have been compromised.

Sainz said that contrary to what Google claimed, the incident was a “narrowly focused” attack which affected “fewer than a dozen websites that focus on content related to the Uighur community, an ethnic minority in China.

“Regardless of the scale of the attack, we take the safety and security of all users extremely seriously,” he wrote.

“Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real time,’ stoking fear among all iPhone users that their devices had been compromised. This was never the case.”

Researchers with Google’s Project Zero security taskforce said last week that an “indiscriminate” hacking operation that targeted iPhones used websites to implant malicious software to access photos, user locations and other data.

“Simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant,” said Project Zero’s Ian Beer.

Sainz said Apple believes that the website attacks were operational for roughly two months, not two years as Google implied. 

Advertisement. Scroll to continue reading.

“We fixed the vulnerabilities in question in February — working extremely quickly to resolve the issue just 10 days after we learned about it,” Sainz said.

“When Google approached us, we were already in the process of fixing the exploited bugs. Security is a never-ending journey and our customers can be confident we are working for them.”

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

Anand Ramanathan has been appointed as Chief Product Officer at Deepwatch.

Managed security platform provider Deepwatch has appointed Sammie Walker as CMO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.