The email accounts of more than half a billion iPhone and iPad users can be hacked via the Mail app. This was discovered by ZecOps, a company that conducts forensic ICT research. iPhone manufacturer Apple announces that the leak will be closed as soon as possible.
ZecOps discovered the problem when it investigated a sophisticated cyber attack that took place at the end of 2019 against one of their customers. Zuk Avraham, CEO of ZecOps, has evidence that a vulnerability in the Mailapp was abused at least six times.
Also read: https://www.glasenframe.be/
Will an app on our smartphone get us out of our lockdown? "It mustn't be rushed."
Since 2018
An Apple spokesperson confirms the problem and says the company has worked out a solution that will be sent with the next iOS update. The company refuses to comment on the Avraham study published Wednesday.
Avraham said it found evidence that a malware program has been exploiting the vulnerability in the iOS operating system for Apple's mobile devices at least since January 2018. According to Avraham, in order to carry out the hack, hackers were sent a seemingly empty e-mail via the Mail app, which caused the device to crash and then necessitated a reset. Thanks to the crash, the hackers gained access to other data on the device, such as photos and contact details. He could not determine exactly who the hackers were.
According to ZecOps, the hackers could continue to steal data from the phones even if they were running on more recent versions of iOS. This gave them access to everything the Mail app had access to, including confidential messages.
Fortune 500 company https://www.glasenframe.be/
Avraham, a former Israeli Defense Intelligence Investigator, suspects that the hacking technique is part of a series of largely undiscovered malware programs that give hackers full access to the smartphone and tablet. Apple does not want to respond to this claim.
ZecOps discovered that the hacking technique was used last year by one of their customers, someone from a "North American technology company of the Fortune 500". They also found evidence of similar attacks on employees of five other companies in Japan, Germany, Saudi Arabia and Israel.
Avraham bases its findings on data from crash reports, which are generated when a program gets stuck. He was then able to recreate the technique that caused the crashes.
900 million iPhones
Two independent cybersecurity researchers who examined the discovery of ZecOps find the evidence credible, but have not yet been able to fully recreate its findings.
Since Apple was unaware of the software problem until recently, the technology may have been very valuable to governments and companies offering hacking services. After all, such programs can be worth more than a million euros.
