News

Media: discovered by Google iPhone hackers also attacked Android and Windows users

At the end of last week, Google Project Zero experts said that unnamed sites attacked iPhone users for more than two years using 14 vulnerabilities combined in five exploit chains. It seems that Google-caught iPhone crackers have also attacked Android and Windows users.

Compromise occurred without any user’s involvement, it was enough just to go for a malicious resource.

Researchers did not specify what kind of sites it were, but noted that the attacks were not targeted. They applied to all iOS users who visited the resources (and those totaled thousands of visitors per week).

Exploiting vulnerabilities, cybercriminals installed spyware on users ‘devices that did not survive a reboot, but could steal victims’ personal data, including instant messenger messages, contacts, photos, and device location information in real time.

As Forbes and TechCrunch now report, Google experts do not write about the real extent of the campaign they discovered. Therefore, the media refer to their own sources and explain that it seems to be a classic “watering hole” attack. Such attacks are called by analogy with the tactics of predators who hunt at a watering hole, waiting for prey – animals that came to get drunk.

Read also: Google experts found 14 vulnerabilities in iOS that for several years were used by attackers

According to sources, the campaign was aimed at the Uighurs, the Muslim population of the Xinjiang region of China. Mass surveillance has been conducted for people there for so long, and more than a million Uighurs are held in prisons and educational camps. That is, the malware sites seemed to be Uyghur.

Cooper Quintin

“The Chinese government has been systematically targeting the Uighur population for surveillance and imprisonment for years. These attacks likely have the goal of spying on the Uighur population in China, the Uyghur diaspora outside of China and people who sympathize with and might wish to help the Uighur in their struggle for independence”, — said Cooper Quintin, senior staff technologist at the Electronic Frontier Foundation.

In addition, it is reported that the campaign was aimed not only at iOS users; unknown attackers used similar tactics against Android and Windows users, that is, we are talking about a very large-scale operation. It is not known which payloads were delivered to users of other operating systems.

“That Android and Windows were targeted is a sign that the hacks were part of a broad, two-year effort that went beyond Apple phones and infected many more than first suspected. One source suggested that the attacks were updated over time for different operating systems as the tech usage of the Uighur community changed”, — reports Forbes.

One source told TechCrunch that the malware sites infected not only Uyghurs but also users that regularly accessed these domains because Google indexed them. Finally, it forced the FBI to ask Google to remove sites from search to prevent new infections. Representatives of Google and the FBI declined to comment.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Kurlibat.xyz pop-up ads (Virus Removal Guide)

Kurlibat.xyz is a site that tries to trick you into clik to its browser notifications…

13 hours ago

Remove Initiateintenselyrenewedthe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyrenewedthe-file.top is a domain that tries to trick you into clik to its browser notifications…

13 hours ago

Remove Wotigorn.xyz pop-up ads (Virus Removal Guide)

Wotigorn.xyz is a site that tries to force you into subscribing to its browser notifications…

13 hours ago

Remove Initiateintenselyprogressivethe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyprogressivethe-file.top is a domain that tries to force you into clik to its browser notifications…

13 hours ago

Remove Nuesobatoxylors.co.in pop-up ads (Virus Removal Guide)

Nuesobatoxylors.co.in is a domain that tries to trick you into subscribing to its browser notifications…

17 hours ago

Remove Helistym.xyz pop-up ads (Virus Removal Guide)

Helistym.xyz is a site that tries to force you into clik to its browser notifications…

17 hours ago