This iOS APP Is Putting Your iPhone At RISK – Digitalmunition




Videos 1588201697_hqdefault.jpg

Published on April 25th, 2020 📆 | 1891 Views ⚑

4

This iOS APP Is Putting Your iPhone At RISK



#iphonehack #cybersecurity #iOShack If you own an iOS device (iphone or ipad) you may be at risk to hacking. Hackers have found vulnerabilities in Apple’s iOS operating system. In this video I will explain what these vulnerabilities are and what you can do to prevent yourself from being a victim to these hackers. Following a routine iOS investigation, ZecOps; a company based in San Francisco which specialises in cybersecurity, found a number of suspicious events that’s affecting the default Mail application on iOS, dating as far back as January of 2018.
ZecOps analyzed these events and discovered an exploitable vulnerability affecting Apple’s iPhones and iPads. This works by the attackers sending a seemingly blank, but specially crafted email to a victim’s mailbox, enabling it to trigger the operating system’s vulnerabilities through the iOS mobile mail application.
The email would crash the app, forcing the user to reboot their device. During the reboot, hackers would then be able to access information on the device such as contact details, photos, confidential messages and whatever information the mail app had access to. Even more alarming is the fact that when this happens, the emails that trigger the hack are nowhere to be found. ZecOps believe this is done by the hackers to cover up their tracks.
According to ZecOps, one of the victims of this hack is a client from a Fortune 500 North American technology company. Other victims were: An executive from a carrier in Japan, A VIP from Germany, Managed security service providers in Saudia Arabia and Israel and a Journalist in Europe. An executive from a Swiss enterprise is also suspected to have been a victim of this hack.

In an interview with motherboard, former Israeli Defense Force security researcher and CEO of ZecOps, Zuk Avraham said they concluded with high confidence that the attacks were exploited in the wild-meaning they are affecting real world users as opposed to test systems.
He further stated that one of the vulnerabilities, is what’s known as a remote zero-click. This kind of attack is especially dangerous because it can be used by an attacker against anyone on the internet, and the target gets infected without any interaction—hence the term zero-click. These vulnerabilities are known as zero-days.
Vulnerabilities or exploits called zero-days are bugs in software or hardware that are unknown to their manufacturers and can be used to hack targets. They can be particularly effective attacks because they use flaws that are not patched yet, meaning there’s no code deployed to specifically defend against them.
ZecOps said after being alerted to suspicious crashes on their customers iphones last summer, they reproduced the results of the hack in their lab to verify their findings. ZecOps said that:
All tested iOS versions are vulnerable, including iOS 13.4.1.
Based on their data, these bugs were actively triggered on iOS 11.2.2 and potentially earlier.
They also stated that
iOS 6 and above are vulnerable.

Thanks so much for viewing. It would mean a lot to me if you could subscribe to my channel. Below are links to my social media accounts:

https://m.youtube.com/channel/UChfmX6YFxMT7ghImp6S0fFw?sub_confirmation=1

https://www.instagram.com/glenprincetech?r=nametag

https://twitter.com/GlenprinceT?s=09

Sources:
https://blog.zecops.com/vulnerabilities/unassisted-ios-attacks-via-mobilemail-maild-in-the-wild/
https://www.theverge.com/2020/4/22/21231454/apple-iphone-zero-day-exploit-security-flaw-mail-app-ios-zec-ops
https://www.vice.com/en_us/article/pken5n/iphone-email-zero-day-hack-in-the-wild
https://www.bbc.com/news/technology-52391759

Photo Credit:
The economic times
Computer world
LinkedIn
Tech Privacy
Tech Crunch
Panda security

source

Tagged with:



4 Responses to This iOS APP Is Putting Your iPhone At RISK

  1. I don't use iOS but that's interesting … good to know

  2. Another interesting vid. I'm not an iOS user but definitely sharing this. 👍👍

  3. How concerned are you guys about ZecOps recent findings? Will you disable the app to be on the safe side?

  4. Ebony B. says:

    Good to know!! New subbie & I’m glad I found your page 💫

Leave a Reply

Your email address will not be published. Required fields are marked *


loading...