Published 15:02 IST, August 30th 2024
Google warns iOS, Chrome users against Russian govt-backed hackers: How to protect your devices
The hackers ran a series of watering hole campaigns that primarily targeted Mongolian government websites.
iOS, Chrome users on alert: Google’s Threat Analysis Group (TAG) has released a new report highlighting cyberattacks on iOS and Chrome that used exploits deployed by the Russian government-backed actor APT29. These cyberattacks happened between November 2023 and July 2024 with the help of exploits manufactured for iOS and Chrome by commercial spyware vendors such as Israel’s NSO Group and Intellexa. The hackers ran a series of watering hole campaigns that primarily targeted Mongolian government websites, but the incident underscores the importance of keeping your devices safe from highly advanced snooping tools.
According to the blog post, the hackers used an iOS WebKit exploit, which affected devices running iOS 16.6.1 or older, and a Chrome exploit chain that impacted Android devices running Chrome versions m121 to m123. The campaigns delivered n-day exploits, meaning exploits for vulnerabilities that Apple and Google had already patched. Devices that had not received those patches, however, remained exposed to the campaigns, which were designed to compromise devices and steal personal information. The team said it was uncertain how the APT29 actors acquired the exploits, but warned that watering hole attacks are a big threat to modern devices, including smartphones, as they use sophisticated exploits to target people who visit particular websites regularly.
What are watering hole attacks?
Watering hole attacks are highly sophisticated cyberattacks in which hackers compromise a legitimate website with malicious code that delivers payloads directly to eligible visitors. In other words, an authentic website, such as that of a government, may contain nefarious elements that deliver payloads to visitors who meet particular criteria. These payloads allow hackers to compromise the devices with the help of available exploits and steal sensitive information without the owner’s knowledge. In this case, Apple and Google had already patched the vulnerabilities in their respective products, but because not every user had installed the latest software on their devices, hackers were able to compromise them easily.
How to protect your devices
– As soon as you receive a software update on your device, especially when it has been marked as critical by your device manufacturer, download and install it to safeguard your device against any potential threat.
– Do not open suspicious links or websites. Even when visiting legitimate websites, make sure you use the latest browser version. Also, go for popular and trusted browsers such as Apple Safari or Google Chrome, which have advanced protection against hacking attempts. Google Chrome’s Site Isolation feature prevents one website from stealing data that belongs to other websites, keeping your data elsewhere safe should a website try to snoop on your online activity.
Updated 18:07 IST, August 30th 2024