IPhone e-mail application may have opened a breach for hackers
Apple is planning to fix a security breach that may have allowed more than half a billion iPhones to be vulnerable to hackers. The flaw, which also affects the iPad, was discovered by Zuk Avraham, chief executive of the US forensic security company ZecOps, when he was investigating a sophisticated attack on a client in late 2019. Avraham said he found evidence that the vulnerability has been exploited on at least six occasions.
An Apple spokesman acknowledged that the vulnerability exists in the company's email application on the iPhone and iPad. The company also says that it has developed a fix that will be included in the next update to be sent to millions of devices sold worldwide.
Apple did not openly comment on Avraham's findings, which were published on Wednesday, 22, and which suggest that the flaw may have been exploited by hackers against important users of the company's devices.
Avraham said he found evidence that a program had been taking advantage of Apple's iOS operating system vulnerabilities since at least 2018. He was unable to determine who the hackers were behind the program and the Reuters you cannot independently verify his claims.
The attack took place, according to Avraham, when the victims received an apparently blank e-mail through the Mail application that required the device to be restarted. The reboot then opened a door for hackers to steal data from the device, such as photos and contact details.
ZecOps says the vulnerability allowed hackers to steal data from iPhones even if they were using newer versions of Apple's operating system. Avraham, a former security researcher for the Israeli Defense Force, suspects that the hacking technique was part of a network of malicious programs, still undiscovered, that gave hackers full remote access to the devices.