Wow. This Project Zero discovery is insane. Some unnamed entity (obviously a government) had 7 Safari 0-days that have been quietly compromising iPhones for years — all the way back to iOS 10. Anyone who visited these unnamed sites were sunk. https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html …
Scratch that. It wasn't 7. It was 14 iOS exploits being used in the wild for years !!!
Real-time GPS, keychain, encrypted messaging databases, files, everything lifted, with the phone-home unencrypted. Anyone listening has the data too. This had been happening for years! Absolutely insane. If there is a will, there is truly a way. Worst iPhone hacking campaign yet.
This, but for the entire world 😬
The exploits are one thing, but the implant provides more details & characteristics about what this actually was. The lack of persistence may have extended the runway of this program. Certainly will be interesting to see where the fingers point!
You can follow @_DanielSinclair.
Tip: mention @threader_app on a Twitter thread with the keyword “compile” to get a link to it.
Enjoy Threader? Sign up.
Threader is an independent project created by only two developers. The site gets 500,000+ visits a month and our iOS Twitter client was featured as an App of the Day by Apple. Running this space is expensive and time consuming. If you find Threader useful, please consider supporting us to make it a sustainable project.