- ZecOps discovered a flaw in Apple devices while investigating a cyber-attack and Apple is planning to fix that flaw.
- How the flaw was discovered and this bug allowed attackers to steal data from iPhones.
- The vulnerability found in Apple devices could have benefited governments and security researchers.
Apple Inc. is planning to fix a bug discovered by a San Francisco-based mobile security forensics company named ZecOps in iPhone and iPads. ZecOps discovered the bug while inspecting a cyber-attack against a client. The cyber-attack was executed by the hackers in late 2019 and the discovered bug may have left more than 500 million iPhones vulnerable to attackers and was also found in iPads. ZecOps’ chief executive, Zuk Avraham found the vulnerability to be exploited in at least six cyber-attacks.
An Apple’s representative agreed that a vulnerability exists in Apple’s Mail app and he said that Apple had fixed that vulnerability which will be released in an upcoming update on millions of Apple devices sold across the globe. ZecOps published the findings on Monday stating the vulnerability could already have been exploited by the hackers while Apple in a statement said that the newly discovered flaws are insufficient to bypass iOS security protections.
Apple responds to ZecOps report on Mail app vulnerabilities, says it doesn’t pose immediate risk and software update coming. pic.twitter.com/z4ExrmVfK8— Mark Gurman (@markgurman) April 24, 2020
Avraham, a former Israeli Defense Force security researcher found a clue that a malicious program was exploiting the vulnerability in Apple devices since January 2018 but he was unable to figure who the attackers were. According to Avraham, victims would receive a blank email from the hackers during the attack forcing the Mail app to crash and reset. It helped the attackers to steal data from an iPhone.
ZecOps said that the vulnerability provided hackers access to whatsoever the Mail app could access and helped them to steal data from iPhones remotely even if the users had recent iOS versions. Avraham also suspected that this hacking technique was part of a chain malware program and could not discover the rest that may have allowed the hackers to get full access to an iPhone remotely.
Avraham also found clues of similar cyber-attacks executed against employees from five different organizations in Saudi Arabia, Israel, Japan, and Germany.
Most conclusions provided by Avraham based on data from ‘crash reports’. Avraham recreated a procedure to source controlled crashes when the Mail app failed in mid-task on an iPhone.
Two individual security researchers analyzed the ZecOps report and found Avraham’s piece of evidence to be credible while Patrick Wardle, a former researcher for the United States National Security Agency and Apple Security expert referred the discovery to be a badly-kept secret stating that well-sourced hackers can access completely patched iPhones remotely and silently.
As the flaw was recently discovered, the bug could have proved valuable for governments and security agencies as an exploit is worth over $1 million if it works without warning against an updated iPhone.
According to Apple, about 900 million iPhones are active around the globe which means that a successful hacking technique could impact millions of users. A security researcher with Citizen Lab, Bill Marczak referred the vulnerability as ‘scary’. Citizen Lab is a Canadian academic security research group and Marczak said that this vulnerability can affect you in adverse ways even if you have a Ph.D. in cyber-security.
Read next: New Version of iOS Might Change the Way We Download Apps
