Photo: Alexander vilf / RIA Novosti
Hackers have learned to hack old iPhone and Mac with the help of fake sites, quietly replacing letter domain name. This was stated by the experts in the field of cybersecurity Tencent Xuanwu Security Lab at the company blog.
The researchers argue that in old versions of Safari browser some of the characters of Unicode are displayed in the same way as ordinary letters. In particular, the Latin letter d in the search string will look exactly like the character dum. And users will not notice the difference and will not be able to recognize a fake link.
A breach in security outdated browser allows fraudsters to fake pages of popular sites that use the letter d: LinkedIn, Dropbox, Reddit, WordPress and many others. Once the victim authenticates to fake web service, attackers will get their data from the original page.
Experts found a vulnerability is threatening the owners of smartphones and Apple computers that do not have the latest OS update. Among the potentially dangerous devices experts said iPhone with iOS version 11.4.1 and older, as well as iMac and MacBook with macOS firmware High Sierra to 10.13.5. To avoid becoming victims of fraud, experts have advised the owners of outdated gadgets to update OS version to most current.
Video, photo All from Russia.