Skip to main content

Google says hackers have been able to access your iPhone data for years

Image used with permission by copyright holder

iPhones from iOS 10 to recent versions of iOS 12 were open to having messages, images, and location data stolen by hackers through a web-based exploit, according to Google’s external security & research blog, Google Project Zero.

As part of a 30-month-long operation, researchers were able to take advantage of an exploit in Apple’s default web browser, Safari, to load malware onto devices. Simply landing on an infected webpage was all that was needed to infect an iOS device, and once deployed, the malware allowed hackers to access sensitive data from across the device. According to the extensive blog post, the earliest version of iOS infected by this exploit was iOS 10.0.1, meaning the security hole was likely in existence from at least September 2016.

Once the malware was loaded, the hacker had access to a wide variety of data from the infected device. The final post of the blog contains minute details of the data that could be siphoned from various apps. This included messages from WhatsApp, Telegram, and other otherwise secure messaging apps, accurate location data, and contact details. The malware could even take copies of images and emails received on the device, all without the user’s knowledge.

The malware would send an update every 60 seconds, ensuring the hacker always had an up-to-date version of all the stolen data. On the plus side, the hack could be cleared out by restarting a device, as the malware would not be stored in the local memory. As another side effect, this constant updating would also be likely to take a severe toll on the device’s battery life.

Thankfully for iOS users, Google reported this exploit to Apple on February 1 and it was apparently fixed via a security patch on February 7. However, that probably only accounts for devices on the latest version of iOS, iOS 12. While unverified, users of iPhones running older versions of iOS should be aware that this exploit potentially still exists. According to Apple, that only accounts for 12% of all active iOS devices, but it’s still a hefty chunk of users.

If you’re not sure what version of iOS you’re running, head to Settings > General > About, and see which version of iOS is listed under Software Version.

While always good advice, be careful of the websites you visit and avoid any clicking on any suspicious links. If you suspect you have been infected, restart your device to hopefully clear the malware. However, just because the malware has been cleared doesn’t mean you’re out of the woods yet. According to Google’s Ian Beer, “given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services by using the stolen authentication tokens from the keychain, even after they lose access to the device”.

With that in mind, the only real solution to the exploit may well be upgrading to a new iPhone. The latest versions of iOS 12 (soon to be iOS 13) have been immunized against the exploit, so you’ll be able to surf in peace.

We have reached out to Apple for comment and will update when we hear back.

Editors' Recommendations

Mark Jansen
Mark Jansen is an avid follower of everything that beeps, bloops, or makes pretty lights. He has a degree in Ancient &…
How to save text messages on iPhone and Android
iMessage on an iPhone.

We receive a lot of important information via text. Whether it’s a date you need to set or important work-related info, you might find yourself wanting to save a text message. Modern smartphones all offer a way to back up your core data and transfer it to another device. However, transfers sometimes don’t include your text messages unless you save them ahead of time or are transferring across the same mobile operating system.

Here's how to save your text messages in Android and iOS.
How to save your text messages on iPhone
There are multiple ways to backup your iPhone text messages. Here are the easiest.
How to make iPhone text message backups using iExplorer
The most universal method of saving your iPhone text messages is via the iExplorer program.

Read more
Nomad’s new iPhone accessory is unlike anything you’ve seen before
Personal taking iPhone 15 Pro out of pocket with Rustic Brown Nomad Magnetic Leather Back attached.

Well-known leather case maker Nomad has a pair of sleek and elegant iPhone cases ready to adorn your iPhone 15 Pro or iPhone 15 Pro Max in time for Valentine’s Day.

Known for its quality leather cases, Nomad has long been a favorite of those who want to dress up their iPhone with a bit of style, and its two latest accessories mark the return of a fan favorite — plus something entirely different and unquestionably cool. They're definitely the most stylish among the roster of the best iPhone 15 Pro cases. 
The Magnetic Leather Back is something else

Read more
iPhone 16: news, rumored price, release date, and more
A person holding the Apple iPhone 15 Plus and Apple iPhone 15 Pro Max.

Apple iPhone 15 Pro Max Andy Boxall / Digital Trends

Though Apple only launched the iPhone 15 and iPhone 15 Pro recently, rumors have already begun about the iPhone 16 lineup coming in 2024. It's hard to believe, but it's true!

Read more