Every iPhone In The World Can Be Hacked Due To This Severe Security Issue: iOS 6 Or Newer Versions Under Threat

Every iPhone In The World Can Be Hacked Due To This Severe Security Issue: iOS 6 Or Newer Versions Under Threat
Every iPhone In The World Can Be Hacked Due To This Severe Security Issue: iOS 6 Or Newer Versions Under Threat

A massive iOS security hole detected which can impact every iPhone in the world- both old and new!

Read to find out more…

iPhone Users To Remain Alert of a Security Breach!

Apple has confirmed the problem as real following the publication of a devastating report from security firm ZecOps. The report claimed that every iPhone running a version of iOS 6 or newer is vulnerable to remote attacks.

The findings by ZecOps indicates that this is a serious eye-opening vulnerability running through 8 iOS generations (iOS 6 was released in September 2012). 

Apple released iOS 6 for all iPhones other than the original (released 2007) and it’s successor, the iPhone 3G.  Apple claims 1.5 billion active devices of which iPhones make up the majority meaning almost every iPhone in use today is impacted. 

ZecOps discovered a serious vulnerability in Apple’s iOS Mail app!

This vulnerability allows an attacker to remotely infect an iPhone and gain control over the user’s inbox. 

These triggers have been happening for more than two years, with the first trigger detected in January 2018. In addition, ZecOps found that the attacks can happen without an iPhone owner’s knowledge.

The catch here is that the attacks are easier to perform on iOS 13 than previous generations of iOS. ZecOps explained that with iOS 12, an attacker requires the iPhone user to open a malicious email. But with iOS 13, it can be triggered unassisted simply from the Mail app being opened in the background. 

ZecOps suggested disabling the Mail app and using a third-party app instead. ZecOps found both Outlook and Gmail are not vulnerable to the attack.

So no need to ditch your iPhone! 

After the Controversy, What does Apple Have to Say?

As the company met with the controversy, Apple on April 25 talked about this security breach.

In an official statement, Apple understated ZecOps’ findings, saying: “Apple takes all reports of security threats seriously. We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users. The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers. These potential issues will be addressed in a software update soon. We value our collaboration with security researchers to help keep our users safe and will be crediting the researcher for their assistance.”

Apple has confirmed to Vice that it has managed to patch the vulnerability in the latest iOS 13.4.5 beta. It also looks like the company will now accelerate its release. With iOS 13.4.1 the previous update it appears that Apple will now be skipping some digits unless it pushes out a dedicated iOS 13.4.2 release instead.

ZecOps Doesn’t Sway From Its Findings!

ZecOps has stood by its report and issued its own response disputing Apple’s statement. 

It wrote: “According to ZecOps data, there were triggers in-the-wild for this vulnerability on a few organizations. We want to thank Apple for working on a patch, and we’re looking forward to updating our devices once it’s available. ZecOps will release more information and POCs once a patch is available.” 

Once iOS 13.4.5 is released, the additional findings will be much more fascinating.

We will keep you updated as this issue doesn’t seem to be over! 

Comments are closed, but trackbacks and pingbacks are open.

who's online