Apple are usually at the forefront of security for their range of iOS devices, however a report published recently suggests that the Apple Mail app has potentially been leaving millions of iPhone and iPad users vulnerable to attack from hackers.
Should you be worried?
There are no reports yet on exactly how many users have been affected, however the firm that published the report, ZecOps, are confident the exploit has been used to hack at least 6 high-profile victims.
From a page on their blog where the report was published, the suspected victims include business executives from multiple high-ranking companies, a journalist and Middle-Eastern security service providers.
When tested, the bug was found to affect all versions of iOS including the latest version – iOS 13.4.1 (released April 7th 2020).
To exploit the vulnerability, hackers are sending a blank email message through the mail app. If a user opens this email, the app would crash, forcing the device to be rebooted. As the device is being rebooted, hackers would then be given access to the information stored on the device.
This is unusual to a lot of the types of attack we usually see on iOS, most of which usually require physical access to the device in order to install 3rd-party software that bypasses Apple’s security system. This hack, however, can be executed completely remotely and doesn’t even require the user to unwittingly download anything to their device.
Is Apple going to fix this bug?
When they were notified of this exploit back in March 2020, Apple were unaware of the vulnerability in their Mail app. However, an Apple spokesperson recently stated that the bug would be fixed in an upcoming update although it’s not yet clear when this will happen.
If you are concerned about your iOS security, Certo AntiSpy is our industry-leading tool designed to help iOS users detect and remove data-stealing spyware from their devices. Click here to see more information about Certo AntiSpy.