The Google Project Zero team dropped a bombshell on a blog post stating that malicious websites hacked iPhones in years every time someone using a simply visited them. The specifications are interesting if you use information security, but the most important thing is that hackers could leverage the various levels of iOS security to access private data, including photos, passwords and databases for encrypted messaging apps such as WhatsApp and iMessage. And again, all a user had to do was visit a website.
We only hear about an exploit when it was caught.
Apple quickly disclosed the vulnerabilities used for these exploits when Google informed it of the findings in February, but still. This happened for over two years, and no one knew except the people involved in stealing personal information about "thousands of visitors per week." Yikes.
I know that most people reading this are using an Android phone, and probably won't be affected by it in any way. At least you hope you weren't touched. The scary truth is that there are probably other "hacks" in nature that work in a very similar way and that your phone is vulnerable.
Hackers (the bad type of hacker) are not concerned about the type of phone you use. It's a matter of making iPhone users a more disposable income and a "better" target when it comes to stealing money, but it's more important to hit as many people as possible if you're trying to steal data. In the United States, about half of all smartphone users use an iPhone, about half use an Android. Doctors, lawyers and celebrities also use Android phones. Their passwords, message databases and pictures are just as interesting to a hacker.
Android phones are filled with juicy data just like iPhones are.
Not many people find and write such attacks, fortunately. Nor are many people trying to find and fix them. And unfortunately, there's not much we can do about it.
If you know how to use a proxy service and browse through link links (and no, I'm not going to help you there) you can find sites online that sell packages that allow you to attack smartphones. The easier it is to infect or affect a phone, the higher the price and something as automatic as the latest iOS hack that affected even the latest version is very expensive. But people still buy them, because spending up to $ 3 million on them is a healthy investment if you can get infected enough. If you could steal a dollar from 3.1 million users, you only made a tidy profit.
All this should concern you. It doesn't matter if you are the type of person who uses a strong password everywhere and religiously encrypts and locks all your devices, or if you are the type who does not even have a lock screen in use and all your passwords are "passwords." You are on the internet right now and there is no guarantee that you will not stumble upon a site that has built-in malware. You should use safe practices like just following links you trust from people you trust, but malware is like love and it will find a way.
You don't have to be obsessed with online security, but you should care at least a little.
I would not suggest going back to a glorious age where no business was done online and risque images came from Polaroid Instant Cameras. And you don't have to wear a tinfoil hat and think someone is out to get you every time you pick up the phone. However, you should worry about security just a little. Use the company's track record of security when purchasing something that can connect to the Internet and continue to follow the rules, such as just visiting links you trust, use two-factor authentication when you can, and never use unsecured Wi- Fi.
Remember that this is not the only exploitation of this kind out there in nature; it was just the one who was caught.