- Hackers may have discovered a way to infiltrate iPhones using Apple's email software, according to cybersecurity firm ZecOps.
- The flaw allows attackers to send a message containing malicious software that doesn't need to be clicked on in order to infect a device, the researchers found.
- The vulnerability specifically affects those who use Apple's Mail app.
- This flaw is the latest in a string of Apple security issues that have been discovered in the last year. A spokesperson for Apple did not immediately respond to Business Insider's request for comment.
- Visit Business Insider's homepage for more stories.
Hackers may have figured out a way to attack iPhones using a malicious message sent through Apple's email software.
The flaw was discovered by cybersecurity firm ZecOps, and first reported by The Wall Street Journal.
According to ZecOps researchers, the security vulnerability is particularly sophisticated because it doesn't require users to click on anything in order for their devices to be infected. The attackers send emails that install malicious software once Apple's email reader begins downloading the message — the user doesn't even need to open the message at all.
Transform talent with learning that worksCapability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More The issue was particularly difficult to detect because the malicious code was contained in the email sent by the attackers, and the emails were either deleted by the user or by the attackers themselves, according to the Journal.
The vulnerability specifically affects those who use Apple's Mail app. It primarily affects the latest iPhone software, iOS 13, though ZecOps says the vulnerability has existed since at least iOS 6, which was released in 2012.
ZecOps was able to identify multiple targets in the attacks, including employees at a Japanese telecommunications firm, a North American company, and tech companies in Saudi Arabia and Israel, according to the Journal.
A spokesperson for Apple did not immediately respond to Business Insider's request for comment.
While Apple has historically been the gold-standard in cybersecurity, this security flaw is the latest in a string of Apple security issues that have been discovered in the last year. Last spring, hackers used a vulnerability in the messaging app WhatsApp to install malware on iPhones and other smartphones. And in August, Google researchers discovered that an iPhone hack may have targeted Uighur Muslims in China. In both situations, Apple patched the issues before they were made public.
Apple has experienced other software flaws in recent months. Last July, Apple had to temporarily shut down its Apple Watch Walkie Talkie app after discovering a bug that could allow someone to eavesdrop on someone else via their iPhone. Apple said at the time there was no evidence anyone had exploited the bug.
And when Apple's latest software, iOS 13, released last September, researchers discovered a bug that would make it possible for someone to access an iPhone's contact list without needing to unlock the phone, as well as a flaw that allowed third-party keyboards to unapproved access to your device. A subsequent software update has since fixed the flaws.
Read the original article on
Business Insider
Next Story
In second consecutive week of decline, forex kitty drops $2.28 bn to $640.33 bn
SBI Life Q4 profit rises 4% to ₹811 crore
IMD predicts severe heatwave conditions over East, South Peninsular India for next five days
COVID lockdown-related school disruptions will continue to worsen students’ exam results into the 2030s: study
India legend Yuvraj Singh named ICC Men's T20 World Cup 2024 ambassador
