London Daily

Focus on the big picture.
Sunday, Jul 12, 2026

IOS is secure? Never was. Hackers breached iPhone users data for years

Cybercriminals implanted iPhones with spyware by exploiting a hole in Apple's operating system

Hackers planted spyware on iPhone users' devices over a two-year period by exploiting a vulnerability in the technology's operating systems, Google said Friday.

The bad actors targeted a group of infected websites that, when visited by iPhone users, attacked the devices and in some cases installed malware, according to Ian Beer of Project Zero, a team of Google security analysts that investigates cybercrime.

"There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week," Beer wrote in a blog post.

Using the implant, hackers could access Apple customers' data, including their passwords and personal contacts, as well as messages sent through iMessage, WhatsApp, Gmail and Google Hangouts, according to Project Zero researchers.

Almost every version of Apple's iPhone operating system — from iOS 10 through to the latest version of iOS 12 — was vulnerable, he said. Still, it's unclear how many users might have been affected.


Old bug, new hack

The security bugs Beer identified aren't new, but rather were exploited in novel ways.

"Ian shows this is the first time these types of vulnerabilities have been used out on the wide internet, where if the malicious code was present on a certain website that was accessed, the unsuspecting user would be infected, and remain blissfully ignorant of it," said operating system internals researcher Jonathan Levin.

In this case, no user intervention, such as a prompt to click on a link, was required for an iPhone to get inflected.

The scope of the hack suggests it was backed by a nation rather than an individual, Levin said. "It requires a lot of research, and there has to be an endgame motive for this," he told CBS MoneyWatch. "It's possible that those behind the hack targeted a specific demographic or interest groups."

"My personal hunch, because of the level of proficiency and efficacy of the exploits, is that this is not the work of your average hacker," he added.

Neither is there a sure-fire way for users to protect themselves against security breaches, Beer said. "All that users can do is be conscious of the fact that mass exploitation still exists and behave accordingly; treating their mobile devices as both integral to their modern lives, yet also as devices which when compromised, can upload their every action into a database to potentially be used against them."

Google said it reported its findings to Apple in February, after which the tech giant released an updated operating system to fix the flaws.


Android's no safer

While Beer highlights some of the iPhone's vulnerabilities, the attack shouldn't be misread to suggest that Google's Android operating system is safer, Levin said.

"The takeaway shouldn't be, 'I'm going to use Android from now on because it's more secure.' That's far from it," he said. "Similar and/or possibly worse bugs exist in Android and other operating systems as well. Google Project Zero simply chose to highlight iOS this time."

Apple claims to be the most secure operating system, and for good reason. "Apple genuinely invests extreme efforts in securing iOS on multiple layers, down to their proprietary hardware, and in some aspects are still way ahead of Android," Levin said.

Newsletter

Related Articles

0:00
0:00
Close
World Cup Visitors Turn American Big-Box Stores Into Souvenir Stops
Netflix Weighs Always-On Channels, Bundles and Short-Form Video
Passenger Is Pulled Partly Outside Ryanair Jet After Window Fails Mid-Flight
Innovation-led growth strategy
Public service reform pressure
Defence and industrial security
Labour leadership transition and economic reset
Northern England Pushes for Greater Influence in Britain’s Future Economic Model
UK Technology Strategy Focuses on Life Sciences, Digital Innovation and Research Investment
Britain and United States Maintain Focus on Pharmaceuticals Cooperation and Industrial Growth
UK Public Services Face Continued Pressure as Government Promises Visible Improvements
Regional Economic Power Becomes Key Theme in Britain’s Next Political Phase
Britain Expands Support for Small Businesses as Firms Seek Better Access to Finance
UK Economy Remains Central Political Challenge as Cost of Living and Growth Concerns Persist
National Health Service Introduces New Workplace Reviews to Improve Conditions for Healthcare Staff
UK Life Sciences Sector Secures More Than Three Billion Pounds in Investment to Support Innovation
Britain Strengthens Defence Strategy as Security Concerns Reshape Military and Industrial Policy
Andy Burnham Promises Stronger UK Defence Industry and Expanded Domestic Production
UK Government Faces Difficult Spending Choices as Labour Leadership Transition Approaches
Rachel Reeves Warns Andy Burnham of Immediate Economic Challenges After Expected Leadership Change
Andy Burnham Prepares to Lead UK Government With Plans for Regional Power Shift and Economic Reset
Government Creates Emergency Support Scheme for Financially Struggling Universities
United Kingdom Replaces Traditional Farm Subsidies With Payments Linked to Environmental Performance
National Grid Reports First Week of Electricity Generation Without Fossil Fuels
United Kingdom Financial Regulator Introduces Tougher Capital Rules for Cryptocurrency Exchanges
Belfast Harbour Expands Operations to Attract Investment Through United Kingdom and European Union Market Access
Scottish Government Threatens Legal Challenge Over Westminster Cuts to North Sea Transition Funding
United Kingdom Accelerates Trans-Pennine High-Speed Rail Project Linking Northern Cities
United Kingdom Secures Ten Billion Pound Investment for Cambridge Quantum Computing Campus
Port Talbot Steelworks Wins Support for Green Hydrogen Transition and Protection of Industrial Jobs
United Kingdom Sends Royal Navy Carrier Strike Group to Indo-Pacific as Regional Security Focus Expands
National Health Service Expands Artificial Intelligence Diagnostics Across England to Reduce Screening Backlogs
United Kingdom Launches Fifty Billion Pound Infrastructure Fund to Accelerate Housing and Construction
UK Medical Chiefs Update Health Guidance to Promote Everyday Physical Activity
Office of Communications Keeps Wikipedia Under Review Under UK Online Safety Rules
UK Defence Ministry Expands Deep-Strike Capability Through Precision Missile Programme
Russell Group Universities Warn Funding Cuts Could Damage NHS Workforce Training
UK Parliament Calls for National Emergency Broadcast as Heatwave Conditions Intensify
UK and Netherlands Strengthen Naval Cooperation With New Amphibious Defence Partnership
UK Defence Ministry Joins International Missile Programme With One Hundred and Ninety Million Pound Investment
Bank of England Warns Middle East Conflict and AI Risks Could Pressure UK Economy
UK Government Introduces New Rules to Limit Foreign Influence in Political Donations
UK and France Prepare Naval Mission to Protect Shipping Through Strait of Hormuz
United States Pressures UK to Increase Defence Spending at NATO Summit
Bank of England Warns Artificial Intelligence Investment Boom Could Create Financial Stability Risks
Bank of England Begins Direct Oversight of Critical Technology Providers Supporting UK Finance
Andy Burnham Set to Become UK Prime Minister After Labour Leadership Race Clears Path to Downing Street
Scottish Fishing Industry Calls for Emergency Support Amid Rising Costs
UK Supports Stronger European Response to Russian Actions in Ukraine
Devon and Cornwall Police Release Suspect in Ann Widdecombe Murder Investigation
×