iPhone hack discovered by Google used against more targets

Sep 2, 2019 11:21 GMT  ·  By

The massive iPhone hack discovered by Google recently is being used against a wider array of targets, according to a new report, and these include devices running Windows and Android.

Forbes cites people familiar with the matter as saying that the hacking group trying to exploit the flaws specifically targeted the devices operated by the Uighur ethnic group in China, which itself has been in the crosshairs of the Beijing government for years.

According to the report, the same websites that were used against iPhone users were actually part of the attacks aimed at Windows and Android devices, albeit specifics on how exactly the exploits worked on these platforms are not available.

On iPhones, hackers attempted to point users to links which then redirected them to compromised pages serving implants whose role was to steal information like passwords, logs, and live location data. The attacks were updated several times, Forbes notes citing the same people, especially as they needed to infect more devices and avoid detection.

Windows users under attack

Google hasn’t provided any information regarding a potential attack aimed at Windows and Android, and the analysis published by the Project Zero team, which is responsible for discovering and reporting security vulnerabilities, doesn’t point to any exploits aimed at any other platform than iOS.

The cited source, however, says Google “had only seen iOS exploits being services from the sites,” so not even the search giant’s security researchers might be aware of attacks being aimed at Windows and Android.

Microsoft too says it hasn’t been informed of hackers going after its customers.

“Google Project Zero was very specific in its blog post that the recently publicized attacks used unique iPhone exploits and they have not disclosed similar information to us,” a Microsoft spokesperson was quoted as saying by the same source. “Microsoft has a strong commitment to investigate reported security issues and, should new information be disclosed,  we will take appropriate action as needed to help keep customers protected.”

No information is available on what Android models and Windows versions are being targeted.