Google says hackers have put ‘monitoring implants’ in iPhones for years
Get link
Facebook
Twitter
Pinterest
Email
Other Apps
Google says hackers have put ‘monitoring implants’
in iPhones for years
Visiting hacked sites was enough for
server to gather users’ images and contacts
Alex HernFri
30 Aug 2019 03.03 EDTLast modified on Fri 30 Aug 2019 09.25 EDT
·An unprecedented iPhone hacking operation, which attacked
“thousands of users a week” until it was disrupted in January, has been
revealed by researchers at Google’s external security team.
The operation, which lasted two and a half years, used a small
collection of hacked websites to deliver malware on to the iPhones of visitors.
Users were compromised simply by visiting the sites: no interaction was
necessary, and some of the methods used by the hackers affected even fully
up-to-date phones.
Once hacked, the user’s deepest secrets were exposed to the
attackers. Their location was uploaded every minute; their device’s keychain,
containing all their passwords, was uploaded, as were their chat histories on
popular apps including WhatsApp, Telegram and iMessage, their address book, and
their Gmail database.
The one silver lining is that the
implant was not persistent: when the phone was restarted, it was cleared from
memory unless the user revisited a compromised site. However, according to Ian
Beer, a security researcher at Google: “Given the breadth of information
stolen, the attackers may nevertheless be able to maintain persistent access to
various accounts and services by using the stolen authentication tokens from
the keychain, even after they lose access to the device.”
Beer is a member of Project Zero, a
team of white-hat hackers inside Google who work to find security vulnerabilities in
popular tech, no matter who it is produced by. The team has become
controversial for its hardline approach to disclosure: 90 days after it reports
a bug to the victim, it will publish the details publicly, whether or not the
bug has been fixed in that time.
In total, 14 bugs were exploited for
the iOS attack across five different “exploit chains” – strings of flaws linked
together in such a way that a hacker can hop from bug to bug, increasing the
severity of their attack each time.
“This was a failure case for the
attacker,” Beer noted, since even though the campaign was dangerous, it was
also discovered and disrupted. “For this one campaign that we’ve seen, there
are almost certainly others that are yet to be seen.
“All that users can do is
be conscious of the fact that mass exploitation still exists and behave
accordingly; treating their mobile devices as both integral to their modern
lives, yet also as devices which when compromised, can upload their every
action into a database to potentially be used against them.”
Google said it had reported the
security issues to Apple on 1 February. Apple then released an operating system update which
fixed the flaws on 7 February.
World’s 1st remote brain surgery via 5G network performed in China Published time: 17 Mar, 2019 13:12 · A Chinese surgeon has performed the world’s first remote brain surgery using 5G technology, with the patient 3,000km away from the operating doctor. Dr. Ling Zhipei remotely implanted a neurostimulator into his patient’s brain on Saturday, Chinese state-run media reports . The surgeon manipulated the instruments in the Beijing-based PLAGH hospital from a clinic subsidiary on the southern Hainan island, located 3,000km away. The surgery is said to have lasted three hours and ended successfully. The patient, suffering from Parkinson’s disease, is said to be feeling well after the pioneering operation. The doctor used a computer connected to the next-generation 5G network developed by Chinese tech giant Huawei. The new device enabled a near real-time connection, according to Dr. Ling. “You barely feel that the patient is 3,000 kilometers away,” he said.
Visualizing The Power Of The World's Supercomputers BY TYLER DURDEN FRIDAY, JAN 21, 2022 - 04:15 AM A supercomputer is a machine that is built to handle billions, if not trillions of calculations at once. Each supercomputer is actually made up of many individual computers (known as nodes) that work together in parallel. A common metric for measuring the performance of these machines is flops , or floating point operations per second . In this visualization, Visual Capitalist's Marcus Lu uses November 2021 data from TOP500 to visualize the computing power of the world’s top five supercomputers. For added context, a number of modern consumer devices were included in the comparison. Ranking by Teraflops Because supercomputers can achieve over one quadrillion flops, and consumer devices are much less powerful, we’ve used teraflops as our comparison metric. 1 teraflop = 1,000,000,000,000 (1 trillion) flops. Supercomputer Fugaku was completed in March 202
Beijing Orders Alibaba To Dump Media Assets That Rival China's Propaganda Machine BY TYLER DURDEN MONDAY, MAR 15, 2021 - 07:30 PM Beijing is reviving its crackdown on the country's biggest tech firms, reminding the world that the CCP is still focused on neutralizing any and all threats to its control of the Chinese economy and its people. Even after amending China's official ideology to include entrepreneurs among the protected classes represented by the CCP (in addition to workers, farmers and soldiers), Beijing, with President Xi at its center, has apparently decided that Chinese tech firms won't follow the American model after all. Instead, their growth and competitive capabilities will be curtailed for the sake of stability at home. After Tencent was censured and strict new requirements were officailly imposed on Alibaba-owned Ant Group that will prevent the company from growing , the Wall Street Journal reports that next up on Beijing's to-do lis
Comments
Post a Comment