Earlier this year, Google’s Project Zero threat analysis group discovered 12 separate security flaws, seven of which involved the iPhone’s built-in Safari web browser. The five different exploit chains gave attackers root access to a handset, allowing them to steal a huge amount of personal data. After informing Apple of the vulnerabilities on February 1, the iPhone maker fixed the issues with a patch six days later for iOS 12.1.4 for iPhone 5s and iPad Air and later.
While it had been thought the websites only targeted Apple products, Forbes’ sources say devices using Google and Microsoft operating systems could also be infected with monitoring implants when visiting the sites.
