Skip to main content
  1. Home
  2. Mobile
  3. News

Google says hackers have been able to access your iPhone data for years

Mark Jansen
By
Image used with permission by copyright holder

iPhones from iOS 10 to recent versions of iOS 12 were open to having messages, images, and location data stolen by hackers through a web-based exploit, according to Google’s external security & research blog, Google Project Zero.

As part of a 30-month-long operation, researchers were able to take advantage of an exploit in Apple’s default web browser, Safari, to load malware onto devices. Simply landing on an infected webpage was all that was needed to infect an iOS device, and once deployed, the malware allowed hackers to access sensitive data from across the device. According to the extensive blog post, the earliest version of iOS infected by this exploit was iOS 10.0.1, meaning the security hole was likely in existence from at least September 2016.

Recommended Videos

Once the malware was loaded, the hacker had access to a wide variety of data from the infected device. The final post of the blog contains minute details of the data that could be siphoned from various apps. This included messages from WhatsApp, Telegram, and other otherwise secure messaging apps, accurate location data, and contact details. The malware could even take copies of images and emails received on the device, all without the user’s knowledge.

Related

The malware would send an update every 60 seconds, ensuring the hacker always had an up-to-date version of all the stolen data. On the plus side, the hack could be cleared out by restarting a device, as the malware would not be stored in the local memory. As another side effect, this constant updating would also be likely to take a severe toll on the device’s battery life.

Thankfully for iOS users, Google reported this exploit to Apple on February 1 and it was apparently fixed via a security patch on February 7. However, that probably only accounts for devices on the latest version of iOS, iOS 12. While unverified, users of iPhones running older versions of iOS should be aware that this exploit potentially still exists. According to Apple, that only accounts for 12% of all active iOS devices, but it’s still a hefty chunk of users.

If you’re not sure what version of iOS you’re running, head to Settings > General > About, and see which version of iOS is listed under Software Version.

While always good advice, be careful of the websites you visit and avoid any clicking on any suspicious links. If you suspect you have been infected, restart your device to hopefully clear the malware. However, just because the malware has been cleared doesn’t mean you’re out of the woods yet. According to Google’s Ian Beer, “given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services by using the stolen authentication tokens from the keychain, even after they lose access to the device”.

With that in mind, the only real solution to the exploit may well be upgrading to a new iPhone. The latest versions of iOS 12 (soon to be iOS 13) have been immunized against the exploit, so you’ll be able to surf in peace.

We have reached out to Apple for comment and will update when we hear back.

Editors' Recommendations

Topics
Mark Jansen
Mark Jansen
Contributor
Mark Jansen is an avid follower of everything that beeps, bloops, or makes pretty lights. He has a degree in Ancient &…
This one thing could make iOS 18 the best iPhone update in years
The Home Screen on the iPhone 15 Pro Max.

Apple’s WWDC 2024 is just a couple of months away. As with every WWDC, we’ll see what Apple has in store for the next generation of software across its hardware portfolio, including the iPhone with iOS 18.

Rumors have been swirling about iOS 18 and how it will be “one of the biggest updates yet.” We know some features like RCS support in Messages are definitely coming, with other whispers of big home screen customization changes and more.

Read more
This is our best look yet at the iPhone 16’s big design changes
iPhone 15 Pro in Natural Titanium held in hand in front of a cement brick wall.

It seems Apple is prepping yet another design refresh for its smartphones this fall season. In 2023, the iPhone 15 Pro made an aesthetic deviation by serving thinner bezels and titanium looks alongside a new multi-function button. This year, it’s going to be the entry-point iPhone 16 and its Plus variant that are apparently lined up for a design refresh.

Tech commentator Sonny Dickson has shared dummy units reportedly depicting all four iPhone 16 variants, which seem to confirm what previous leaks have predicted so far. On the iPhone 15 and iPhone 15 Plus, the camera lenses dance diagonally on a square bump. Apple is reportedly ditching the current camera arrangement for their respective successors in favor of a pill-shaped vertical setup.

Read more
Everything Apple says is wrong about the DOJ’s iPhone lawsuit
The Apple logo on the iPhone 14 Pro Max.

The antitrust season is in full swing in 2024. This time around, Apple is in the cross-hairs of regulators, bringing back memories of the historic Microsoft antitrust case that unfolded over two decades ago. Back then, the focus was on Windows and web browsers. In Apple’s case, the iPhone is the centerpiece, with a wide ecosystem woven around it.

Experts say the case against Apple, which dives deep into monopolistic conduct, is surprisingly strong. The Department of Justice, in its lawsuit, has targeted everything from the iMessage “green bubble” mess and Apple Watch incompatibility situation to the locked app ecosystem and objectionable practices that Apple has put in place to maintain its alleged monopoly.

Read more