Apple Answers Google Claim That iPhones Have Potential Massive Security Breach

UPDATE:  Apple has finally responded to a Google assertion of a massive security breach on iPhones, saying it created a “false impression of mass exploitation.”

Google asserted in August that iPhones suffered a massive security breach, with hackers placing so-called “monitoring implants” in an untold number of devices.

Apple is set to unveil a new set of iPhones in September.

Spokesman Fred Sainz said in an Apple statement that Google created a “false impression” on the scale of the problem. The security breach was a “narrowly focused” attack on “fewer than a dozen” websites related to the Uighur community of China.

“Google’s post, issued six months after iOS patches were released, creates the false impression of “mass exploitation…This was never the case.”

EARLIER: Apple iPhones have apparently suffered a massive security breach, with hackers placing so-called “monitoring implants” in an untold number of devices.

The issue was discovered by Google security researchers, who claim the infiltration has been going on for at least two years. The implant was inserted when users visited unspecified hacked websites, according to a blog post by Ian Beer of Google’s security research team, called Project Zero.

Apple is set to unveil a new set of iPhones in September. It is unclear whether the revelation of this hack will affect those plans. But it does raise questions on the security of an operating system that was largely viewed as safe and reliable compared to other systems.

The malware from the hacks could allow others to read all the database files on a victim’s phone, including messages between users on such encrypted platforms as WhatsApp, iMessage, Telegram and others. Gmail and Google Hangout information could also be read, and contacts and photos accessed. Passwords to other devices could also be compromised if stored on the iPhone,

And in an age where cryptocurrency and banking are done online, the potential for damage to any particular user it extreme.

“The implant has access to almost all of the personal information available on the device, which it is able to upload, unencrypted, to the attacker’s server,” Beer said. “There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant.

The Project Zero team estimated that the sites “receive thousands of visitors per week.” Beer did not identify the hacked websites in the post, nor did he say how users can determine if their devices have been infected.

This article was printed from https://deadline.com/2019/09/apple-iphones-massive-security-breach-1202708446/