According to the researchers, the attacks have the hallmarks of government-backed hackers who for some reason were having a field day with Apple’s security.
Apple had been blissfully aware of vulnerabilities but fortunately its rival Google was on the case and published a report detailing the hacking campaign.
The researchers didn't go as far as pointing the finger at a specific hacking group or country, but they said it was "a well-resourced group, likely state backed."
Erye Hernandez, the Google researcher who found the hacking campaign and authored the report, wrote that TAG discovered the campaign in late August of this year. The hackers had set up a watering hole attack, meaning they hid malware within the legitimate websites of "a media outlet and a prominent pro-democracy labour and political group" in Hong Kong.
Users who visited those websites would get hacked with an unknown vulnerability -- and another exploit that took advantage of a previously patched vulnerability for MacOS that was used to install a backdoor on their computers.
Google seems to have done the decent thing and told Apple about the vulnerabilities and it has appeared to have fixed it.