Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Did we talk about this already? Flaw in iPhone, iPads may have allowed hackers to steal data for years
#1
Apple Inc is planning to fix a flaw that a security firm said may have left more than half a billion iPhones vulnerable to hackers.

The bug, which also exists on iPads, was discovered by ZecOps, a San Francisco-based mobile security forensics company, while it was investigating a sophisticated cyberattack against a client that took place in late 2019. Zuk Avraham, ZecOps' chief executive, said he found evidence the vulnerability was exploited in at least six cybersecurity break-ins.

An Apple spokesman acknowledged that a vulnerability exists in Apple's software for email on iPhones and iPads, known as the Mail app, and that the company had developed a fix, which will be rolled out in a forthcoming update on millions of devices it has sold globally.

Apple declined to comment on Avraham's research, which was published on Wednesday, that suggests the flaw could be triggered from afar and that it had already been exploited by hackers against high-profile users.

Avraham said he found evidence that a malicious program was taking advantage of the vulnerability in Apple's iOS mobile operating system as far back as January 2018. He could not determine who the hackers were and Reuters was unable to independently verify his claim.

To execute the hack, Avraham said victims would be sent an apparently blank email message through the Mail app forcing a crash and reset. The crash opened the door for hackers to steal other data on the device, such as photos and contact details.


https://news.trust.org/item/20200422150323-tmca0
Reply
#2
I thought Apple fixed the hack to crash phones with a text/email, but a search shows that there have been multiple versions of text/email subject lines to cause problems starting by at least September 2018.
Reply
#3
Does this seem like a more likely culprit for the Jeff Bezos hack than the purported WhatsApp exploit?
Reply
#4
Not that I dont believe -- but skimmed the article, seemed like "could have", was used a bunch of times... and there were no real details...
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)