Google researchers, last week reported a vulnerability, an attempted mass iPhone hack. It was an evidence that a hacked site existed with an intention to hack Apple devices. The report revealed that the hacking site could attack an Apple device and install a monitoring implant. Apple responded that the report was false and that they were stocking fear in the minds of users.
Cybersecurity researchers at Google described the vulnerability as a campaign that launched to attack iPhones via a number of websites that have existed in the last two years.
The phone maker refuted the claims, however, insisting that the websites were only used to exploit a fewer number of iPhones and that they majorly featured content related to Uyghur community, a predominantly Muslim community in China.
“The sophisticated attack was narrowly focused, not a broad-based exploit of iPhones ‘en-masse’ as described…Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to monitor the private activities of entire populations in real time, ‘stocking fear among all iPhone users that their devices had been compromised. This was never the case,” Apple said.
Apple also debunked Google’s duration claims of the attack, and that it fixed the loophole 10 days after if was notified about them.
“All evidences indicate that these website attacks were only operational for a brief period, roughly two months, not ‘two years’ as Google implies. When Google approached us, we were already in the process of fixing the bugs,” Apple said.
Nevertheless, Apple is angry because Google left a detail in its so-called research. An independent research was first carried from Volexity, a cyber-security firm based in Washington DC. The firm published a report about its discovery detailing a vulnerability that affected Apple’s iOS and Google’s Android. Yet, Google’s research decided to scrap that detail from its research.
Google claims it wasn’t aware that its own mobile operating system was affected. It’s a case of trying to pull out a stick from your neighbour’s eyes, when you have a log in yours.
Google insists that the publication wasn’t some sort of weapon against its rivals as this wasn’t the first time it would uncover something about Apple. The tech has reported over 200 loopholes to date, most of them, without controversy.
“Project Zero posts technical research that is designed to advance the understanding of security vulnerabilities, which lads to better defensive strategies. We stand by our in-depth research which was written to focus on the technical aspects of these Apple and other leading companies to help keep people safe online,” a spokesperson said.
This is clearly not a good time to uncover such a lapse, when the phone maker is expected to reveal a new line of iPhones on Tuesday. It nevertheless reassured its users of its safety.
“Our product security teams around the world are constantly iterating to introduce new protections and patch vulnerabilities as soon as they’re found. We will never stop our tireless work to keep our users safe.”