Google’s Threat Analysis Group was the first to discover the scheme earlier this year (news of the campaign was first disclosed Thursday). It involved a small group of websites aiming to infect visitors’ devices to gain access to their private information, including live location data and encrypted information on apps like on WhatsApp, iMessage, and Telegram. These websites were up for two years, during which thousands of visitors purportedly accessed them each week.
In February, Google notified Apple of 14 vulnerabilities the site’s malware exploited, which the company fixed within days with iOS 12.1.4. Apple disclosed in that update that the flaws, referred to as “memory corruption” issues, were fixed with “improved input validation.” The company hasn’t publically addressed Google’s account of the hack since the news broke earlier this week.
While the Google team only reported iPhone users being targeted by this attack, sources familiar with the matter told Forbes that devices using Google and Microsoft operating systems were also targeted by these same sites. Thus widening the potential scale of an already unprecedented attack.
Whether Google found or shared evidence of this is unclear, as is whether the attackers used the same method of attack as they did with iPhone users, which involved attempting to sneak malicious code onto users’ phones upon their visit to the infected websites. When asked about these reported developments, a Google spokesperson said the company had no new information to disclose. We also reached out to Microsoft and will update this article with their statements.
It was all part of a broad, two-year campaign to gather surveillance on the Uighur community, a minority Muslim group often targeted by the Chinese government, according to a TechCrunch report later confirmed by Forbes. However, Google noted in its disclosure of the hack that “simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant.” So it’s possible people outside this ethnic group could have been affected by the attack. A source also told Forbes the attacks may have been updated over time to be able to break into other operating systems to correspond with changes in the community’s usage.
Code Execution Vulnerability Identified in Change Healthcare Cardiology DevicesA vulnerability has been identified in Change Healthcare Cardiology, McKesson Cardiology, and Horizon Cardiology devices. The vulnerability could be exploited by a locally authenticated...
29% of Small Businesses Spend Less Than $1,000 on IT Security Annually and Why They Are The Most Targeted
29% of Small Businesses Spend Less Than $1,000 on IT Security Annually and Why They Are The Most TargetedThe digital and network footprint of small businesses is continually growing. Online commerce, social media, remote workers, and cloud-based IT infrastructure are...
What Other Companies Can Learn from Facebook’s $5 Billion Fine and Why Privacy MattersWhile Facebook’s $5 billion settlement stands as the largest fine in the history of the Federal Trade Commission (FTC), one must take into consideration that not every company is...
Stay Up to Date With The Latest News & Updates
Join Our Newsletter
Get weekly tech updates and immediate alerts when there is a zero-day or security issue!