Privacy experts working for Google announced Thursday that they had discovered a security flaw in Apple's iPhones that had left them vulnerable for the past two years. Apple has since fixed the problem.
In a series of very technical blog posts, Google Project Zero explained exactly what those glitches were.
With this glitch, iPhone users who accessed a "small collection of hacked websites" through their devices gave hackers the ability to see their private messages on WhatsApp, Telegram, iMessage, and Gmail, as well as photos and the user's current location.
"The implant has access to almost all of the personal information available on the device, which it is able to upload, unencrypted, to the attacker's server," Project Zero's Threat Analysis Group said, according to CNBC. "The implant binary does not persist on the device; if the phone is rebooted then the implant will not run until the device is re-exploited when the user visits a compromised site again. Given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services by using the stolen authentication tokens from the keychain, even after they lose access to the device."
The flaw in the software that made the iPhones vulnerable were fixed in February, but it could have potentially exposed the data of "thousands" every week. Project Zero only revealed the details of how hackers could have exploited this security glitch months after first alerting Apple.