Last week Google disclosed a large-scale hacking effort that it said targeted users of Apple devices But now Apple has gone on the offensive – angry in public, and absolutely incensed in private at what is being seen as something of a stitch up. Google is standing by its research.
In a bold statement posted on Friday, Apple took issue with Google’s characterisation that this was a broad attack on all iPhone users.
“Google’s post, issued six months after iOS patches were released, creates the false impression of ‘mass exploitation’ to ‘monitor the private activities of entire populations in real time,’ stoking fear among all iPhone users that their devices had been compromised,” it reads.
“This was never the case.”
Apple’s bone of contention isn’t so much about what Google’s Project Zero team included in its report. Rather, Apple is upset about what was left out. The view from Cupertino is that Google’s business interests in China led it to pull back on describing the attack as being targeted at the persecuted Uighur community.
“The sophisticated attack was narrowly focused, not a broad-based exploit of iPhones ‘en masse’ as described. The attack affected fewer than a dozen websites that focus on content related to the Uighur community.”
This perspective is backed up by independent research from Volexity, a cyber-security firm based in Washington DC. It published a report earlier this month looking into the same threat, and stated unequivocally that Uighurs were the target – detailing 11 websites that had been used to carry out the attack.
Most notably, the Volexity report states that as well as Apple’s iOS, Google’s own mobile operating system, Android, was also targeted – a detail that was missing from Google’s research.