China behind the iPhone hacking


By MYBRANDBOOK


China behind the iPhone hacking

An attack that used malicious websites to hack iPhones is now believed to have originated in China and, in a new development, appears to have targeted Android devices and Microsoft Windows PCs as well, the Forbes report says.

 

The unprecedented attack on Apple iPhones revealed by Google this week was broader than first thought. Multiple sources with knowledge of the situation said that Google’s own Android operating system and Microsoft Windows PCs were also targeted in a campaign that sought to infect the computers and smartphones of the Uighur ethnic group in China. That community has long been targeted by the Chinese government, in particular in the Xinjiang region, where surveillance is pervasive.

 

The attack, first revealed Aug. 30 by Ian Beer, a researcher with Google LLC’s Project Zero, involved the use of malicious sites going back as far two years. Those sites, designed to hack the devices of visitors to gain access to their devices to steal data used at least 14 different vulnerabilities to do so, including some previously unknown “zero-day” exploits.

 

The origin of the attacks remained unknown before now, but two separate reports claim that the malicious sites were part of a Chinese state-sponsored attack that was targeting the Uyghur community of the Middle Kingdom’s Xinjiang Uyghur Autonomous Region. The area has gained western media attention after China responded to an independence campaign and terrorist attacks by detaining a significant number Uyghurs in re-education camps aimed at changing ther political and religious beliefs. Western media claims they’re concentration camps.

 

TechCrunch broke the China link first on Saturday, quoting sources as saying that while the campaign was targeting Uyghurs the websites also infected non-Uygurs who inadvertently accessed these domains as they were indexed in Google search.

 

Since that initial report, Forbes confirmed today that the China link with its own sources with the addition that the campaign was not limited to iPhones but also sought to infect Android devices and Windows computers belonging to the Uyghur community as well. “Google’s and Microsoft’s operating systems were targeted via the same websites that launched the iPhone hacks,” the report said.

 

Now the users are being made aware they might have been compromised by this technique, the real work can start in securing vulnerable apps and accounts again. Threat actors now have access to user passwords, images, apps, Gmail database and the like, so a big concern is that they could also have access to emails that are synced to their mailbox. If the infected phone has been used solely for business purposes, it is likely that the company now faces the scenario that their private business information is now known to the threat actor and has either been leaked or could be exploited for financial gain.

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org