Google found hacking attack on Apple users
Attack affects Apple devices such as iPhone & Mac
Google has identified a series of cyber-attacks on Apple users’ Macs and iPhones. According to the tech giant, the hackers behind the attack are “a highly-resourced group,” and the operation may be sponsored by the government as well. Google’s Threat Advisory Group (TAG) revealed the hacking attempts through a recent blog post. According to the report, Google’s TAG team discovered the attacks in late August of this year. Apple was swiftly notified about the zero-day attacks, and the company has already issued a fix for these.
On Apple devices, the attacks targeted two key vectors: macOS Catalina and Safari on iOS and macOS. The first was hacked by CVE-2021-30869, a zero-day vulnerability (or previously unknown vulnerability). TAG notified Apple about the security flaw, and Apple issued a fix on September 23. The attacks against Safari made use of previously known security flaws in the WebKit rendering engine.
According to the Google security team, these were “watering hole” attacks, which meant they were directed at a specific set of end-users via infected websites that such people were known to frequent. These websites in this case belonged to a media outlet and a political group from Hongkong.
Google has recently been aggressive in finding such zero-day vulnerabilities on its own and other platforms. The company patched zero-day vulnerabilities in Chrome that affected Windows, Mac, and Linux users in September with the release of the Chrome 94.0.4606.61 stable channel.