Cybersecurity exports from Google’s Project Zero team have revealed a series of attacks in which hackers used Apple software vulnerabilities to infect devices with malware for two years.

The attacks were targeted at people who visit certain websites, each of them could be infected, and the virus could steal confidential data like photos, messages or real time location data. Cybercriminals had access to the data from applications such as iMessage, WhatsApp, Gmail, Telegram or Hangouts. Hacked websites had weekly views up to several thousand. At this point, it is not known which websites were affected.

14 exploits were discovered for iOS version 10 through 12. This indicates that even people with up to date iOS were potential victims.
It is not known who is behind such large-scale attacks, since they date back to 2 years ago.