Skip to main content
  1. Home
  2. Phones
  3. Apple
  4. Mobile
  5. News

Google says hackers have been able to access your iPhone data for years

Add as a preferred source on Google
Image used with permission by copyright holder

iPhones from iOS 10 to recent versions of iOS 12 were open to having messages, images, and location data stolen by hackers through a web-based exploit, according to Google’s external security & research blog, Google Project Zero.

As part of a 30-month-long operation, researchers were able to take advantage of an exploit in Apple’s default web browser, Safari, to load malware onto devices. Simply landing on an infected webpage was all that was needed to infect an iOS device, and once deployed, the malware allowed hackers to access sensitive data from across the device. According to the extensive blog post, the earliest version of iOS infected by this exploit was iOS 10.0.1, meaning the security hole was likely in existence from at least September 2016.

Recommended Videos

Once the malware was loaded, the hacker had access to a wide variety of data from the infected device. The final post of the blog contains minute details of the data that could be siphoned from various apps. This included messages from WhatsApp, Telegram, and other otherwise secure messaging apps, accurate location data, and contact details. The malware could even take copies of images and emails received on the device, all without the user’s knowledge.

The malware would send an update every 60 seconds, ensuring the hacker always had an up-to-date version of all the stolen data. On the plus side, the hack could be cleared out by restarting a device, as the malware would not be stored in the local memory. As another side effect, this constant updating would also be likely to take a severe toll on the device’s battery life.

Thankfully for iOS users, Google reported this exploit to Apple on February 1 and it was apparently fixed via a security patch on February 7. However, that probably only accounts for devices on the latest version of iOS, iOS 12. While unverified, users of iPhones running older versions of iOS should be aware that this exploit potentially still exists. According to Apple, that only accounts for 12% of all active iOS devices, but it’s still a hefty chunk of users.

If you’re not sure what version of iOS you’re running, head to Settings > General > About, and see which version of iOS is listed under Software Version.

While always good advice, be careful of the websites you visit and avoid any clicking on any suspicious links. If you suspect you have been infected, restart your device to hopefully clear the malware. However, just because the malware has been cleared doesn’t mean you’re out of the woods yet. According to Google’s Ian Beer, “given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services by using the stolen authentication tokens from the keychain, even after they lose access to the device”.

With that in mind, the only real solution to the exploit may well be upgrading to a new iPhone. The latest versions of iOS 12 (soon to be iOS 13) have been immunized against the exploit, so you’ll be able to surf in peace.

We have reached out to Apple for comment and will update when we hear back.

Mark Jansen
Former Mobile Evergreen Editor
Mark Jansen is an avid follower of everything that beeps, bloops, or makes pretty lights. He has a degree in Ancient &…
The AI phone era is coming, and the weird brands may not survive it
The market once had room for strange, scrappy, genuinely good phones. AI could turn that room into another luxury suite.
Electronics, Phone, Mobile Phone

I have a soft spot for phone brands that made Android feel less inevitable. Meizu is one example, but there were plenty of smaller names with their own strange little gravity, from Fairphone’s repair-first stubbornness to Unihertz’s tiny oddballs, Shiftphone’s modular ideals, Murena’s de-Googled pitch, and Teracube’s attempt to make phone ownership feel less disposable. They weren’t always perfect, and some were never built to go mainstream, but they made smartphones feel alive around the edges.

Now the AI phone push is arriving, and it already looks less like a creative explosion than a cover charge. Meizu said in 2024 that it would end new traditional smartphone projects and focus on AI-enabled devices, which sounds futuristic until it starts feeling like a warning label.

Read more
I was in love with my iPhone Air, until summer arrived
Turns out slim phones and scorching summers don't mix well.
iPhone Air in hand

When Apple unveiled the iPhone Air, I knew immediately it would be my next phone. I have always loved small phones, and I stretched my iPhone 13 mini for as long as possible. But it struggled to keep up with my usage, so I had to upgrade. 

Since Apple no longer makes a small iPhone, the slim iPhone seemed like the right choice at the time. And honestly, it worked out well. While the iPhone Air is not as easy to handle as an iPhone mini, it is one-handable thanks to its slim profile and lower weight. 

Read more
The regular iPhone 18 may miss out on two major Siri AI features
Standard iPhone 18 might not have enough RAM to run some AI features locally
Electronics, Mobile Phone, Phone

Apple is expected to debut the iPhone 18 Pro and iPhone 18 Pro Max this fall, possibly alongside its first foldable iPhone. The standard iPhone 18, however, is said to arrive later in spring 2027 with the iPhone 18e. While the lineup is expected to get more RAM, the upgrade may still fall short of what the standard and 18e models need for two advanced Siri AI features.

The issue is Apple’s AFM Core Advanced model. It powers Advanced Dictation Preview in iOS 27, along with Apple’s new expressive Siri voices. The model runs locally on supported devices, but it needs at least 12GB of RAM.

Read more