IPhone and iPad vulnerabilities allowed hackers to steal data for years |
Apple plans to introduce a vulnerability security patch. A security company said more than half a billion iPhones could be vulnerable to snooping.
ZenOps Cyber Security (Zook Avraham) CEO (Zook Avraham) discovered the vulnerability (including on iPad tablets) when investigating complex cyber attacks against customers in late 2019. Six breaches in network security.
A Apple spokesperson acknowledged the weakness of Apple's email program on iPhone and iPad, saying: The company has developed a bug that has been released in the hundreds hundreds and has released an update for 10,000 devices.
Apple declined to comment on the results of Wednesday's Avraham research that showed the vulnerability could be exploited and used by hackers to attack known users. Avraham said: He found evidence that malware was exploiting vulnerabilities in iOS since January 2018. He could not identify the hackers.
To carry out the hacking attack, Avraham said: The victim receives a blank email via the messaging app, and opening these apps opens the app for comment and reset. If the app crashes, hackers can steal the door to other data on the device, for example photos and contact information.
ZecOps claims that the vulnerability could allow hackers to steal data from their iPhone remotely, even if they are running the latest version of iOS. If this vulnerability is used on its own, hackers will be able to access all content that a messaging app can access, including confidential messages.
Most Avraham conclusions are based on data in "crash reports" that are generated when the program fails when it performs a task on the device. He then managed to duplicate the technology that could cause a controlled collapse.
Two independent security researchers who reviewed the ZecOps results believed the evidence was reliable, but said they had not fully rediscovered the results due to time constraints.
(Patrick Wordley) - Apple Security Expert and former National Security Agency researcher: This discovery "confirms to some extent a secret: enemies with good resources can be attacked remotely and in silence. IOS Protected"
Since Apple did not until recently acknowledge the vulnerability of the software, it could be very useful for governments and businesspeople offering pirated software. The cost of software development running on modern mobile phones without notice can exceed $ 1 million.
Although Apple products are considered high standards for digital security in the cybersecurity industry, due to the global popularity of the device, any successful penetration technology for the iPhone can affect millions of people. In 2019, Apple said about 900 million iPhones are in use.