The unprecedented cyber attack on iOS devices revealed publicly by Google last week, went well beyond iPhones. It emerged over the Labor Day weekend that the attack affected Android and Windows phones too (via Forbes). The website behind the attack targeted the minority Uighur ethnic group too.
Microsoft and Android Devices, Not Just iPhones, Hit
Sources told Forbes that attackers targeted both Google’s and Microsoft’s via the same websites used to attacked iPhones. While Google had declined to comment at the time of this writing, Microsoft pushed back against the allegations. It told the publication:
Google Project Zero was very specific in its blog post that the recently publicized attacks used unique iPhone exploits and they have not disclosed similar information to us. Microsoft has a strong commitment to investigate reported security issues and, should new information be disclosed, we will take appropriate action as needed to help keep customers protected.
Mass Surveillance of Uighur Minority
It appears that the attacks are part of a mass surveillance operation against Uighur civilians, particularly in the Xinjiang region of China (via TechCrunch). The infected web-pages granted the attacker extensive access to a victim’s iPhone. This included the ability to read messages, passwords and track their location almost in real-time. Google’s researchers did not publicly name who was behind the attacks in their blog post making it public.