Google's Threat Analysis Group (TAG) has published a blog post detailing a number of exploits in iOS that allowed hacked websites to hack into an iPhone simply if the iPhone visited the site.
谷歌威胁分析小组(TAG)在博客上详细介绍了一些iOS上的漏洞,iPhone只要访问被黑客入侵的网站,这些网站就能轻易黑进iPhone。
Once an iPhone did that, malware was installed on the device that allowed the hackers to monitor the iPhone's live location every 60 seconds as well as upload virtually any files from the iPhone—including iMessage and WhatsApp messages.
iPhone一旦访问这些网站,就会被安装恶意软件,黑客每隔60秒就能监控iPhone的实时位置,还可以从iPhone上上传任何文件,包括iMessage和WhatsApp的信息。
TAG says the exploit "may be one of the largest attacks against iPhone users ever." It reportedly affected iPhones running iOS 10 to iOS 12:
威胁分析小组称这个漏洞“可能是目前针对iPhone用户最大的一个威胁”,据称它会影响iPhone iOS 10到iOS 12的每个版本。
Working with TAG, we discovered exploits for a total of fourteen vulnerabilities across the five exploit chains: seven for the iPhone's web browser, five for the kernel and two separate sandbox escapes. Initial analysis indicated that at least one of the privilege escalation chains was still 0-day and unpatched at the time of discovery.
【谷歌发现一批危险网站,只要你访问,你的手机就被黑了】相关文章:
最新
2020-09-15
2020-09-15
2020-09-15
2020-09-15
2020-09-15
2020-09-15