Visiting a website can apparently make an iPhone hacked by the hackers. Not only that, according to Google researchers, it is quite possible for hackers to access encrypted messages that are on the iPhone.
In other words, messages on the WhatsApp, Telegram, iMessage, and others installed on the iPhone can be hacked.
This is a reminder that iOS can also be infiltrated by hidden malware that opens encryption, controls the operating system and everything in it.
Citing the Forbes page, Sunday (1/9/2019), Google researcher Ian Beer explained about the “monitor implants” installed by the hackers on the iPhone.
He underlined, this implant has access to all database files on the victim’s device, including applications that have been encrypted.
“The database consists of unencrypted text messages sent and received through applications such as WhatsApp and others,” Ian Beer said.
The implant also allows the hackers to break into Gmail, Google Hangouts, contacts, and victims’ photo galleries. Not only that, the hackers can also see the user’s location and where he has driven.
Stolen data will be sent to The Hacker Server
The malware also stole “keychain” passwords and WiFi access that the device remembered. Worse yet, Ian Beer also said, the hacker did not encrypt the data they had stolen.
“Everything is clear, if you have ever been connected to unencrypted WiFi, this information is shared with everyone around, including telecommunications operators, every intermediary network, to the command and control server,” wrote researcher Ian Beer.
That means, not only the encrypted message application is violated. Ian Beer said, the hackers also sent all content from this encrypted application in open text to the network on their server.
“The implant has access to all personal data available on the device. The data can be uploaded unencrypted to the attacker’s server,” Ian Beer said.
Immediately Update Apple iOS
Ian Beer added, when the iPhone has been cleaned (by restarting or security patches), the information stolen by the hackers can still be used to enter the victim’s account.
“Given the extent of the stolen information, attackers can still maintain access to various accounts and services using stolen authentication tokens. Even after they lose access to the device,” Ian Beer said.
He said iPhone users had to update their device to the latest iOS operating system as soon as possible to fix this vulnerability.