Apple slams Google for raising false alarm over iOS vulnerabilities

Apple has slammed Google for creating a false impression about its iPhones being vulnerable to hacking risk. This is owing to security flaws that allegedly let several malicious websites break into its iOS operating system. Apple has released a big statement related to the issue. Here is all we know.

Google Project Zero report

Researchers working in Google’s Project Zero team had discovered several hacked websites that used security flaws in iPhones to attack users. Hacker would attack Apple iPhone users who visited these websites. Personal files, messages, and real-time location data would get compromised.

Apple releases a statement

In a statement, Apple said the so-called sophisticated attack was narrowly focused, not a broad-based exploit of iPhones “en masse” as described. “The attack affected fewer than a dozen websites that focus on content related to the Uighur community. Regardless of the scale of the attack, we take the safety and security of all users extremely seriously,” the Cupertino-based iPhone maker said.

“Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real-time’, stoking fear among all iPhone users that their devices had been compromised. This was never the case,” Apple said.

According to Google, the websites deliver their malware indiscriminately and have been operational for years. Apple, on the other hand, said, “all evidence indicates that these website attacks were only operational for a brief period, roughly two months, not ‘two years’ as Google implies”.

Google’s Threat Analysis Group (TAG) discovered that there was no target discrimination. Simply visiting the hacked site was enough for the exploit server to attack the iPhone. If it was successful, install a monitoring implant. “We estimate that these sites receive thousands of visitors per week,” said the Google blog post.

With inputs from IANS.

Go to Source

Leave a Reply

Your email address will not be published.