Researchers: Websites infected iPhones with spyware

Friday, August 30, 2019, Vol. 43, No. 35
By The Associated Press

Researchers say cyberspies exploited security vulnerabilities to plant spyware on Apple iPhones when users merely visited a small group of malware-infected websites.

Sensitive data accessed included text messages, photos and real-time location. Security experts are calling the just-announced vulnerability, which Apple fixed in February, the worst yet affecting iPhones.

Google security researchers say thousands of iPhone users were exposed over more than two years before Apple issued a patch. They do not say who was behind the cyberespionage but experts say it has the hallmarks of a nation-state effort.

Google researcher Ian Beer says in a blog posted late Thursday that the discovery should dispel any notion that it costs a million dollars to successfully hack an iPhone.

Apple did not immediately respond to a request for comment.