Apple recently announced that it would be fixing a serious, newly discovered flaw in its iOS software, which is used for both iPhones and iPads. Though the exploit had only been recently spotted by a security forensics company, experts have warned that the issue has been present much longer, meaning hackers could have gained information from iPhones and iPads for years.
According to Reuters, over half of a billion iPhones had been vulnerable to hackers, with millions of iPads at risk as well. Moreover, the extent to which personal info had been accessed is still unknown.
The bug was discovered by technology security firm ZecOps after the company investigated a client’s cybersecurity break-in in late 2019. The client was described as a firm in the Fortune Top 500 in North America.
ZecOps chief executive Zuk Avraham claimed that since his firm discovered the vulnerability, he could confidently confirm that the flaw was used in at least six cybersecurity hacks.
Avraham was not able to gather the identity of the hackers, and Reuters claimed that the paper was unable to verify the six alleged hacks. However, two other independent firms that studied the above allegations found the claims to be “credible.”
Avraham added that the exploit had been in place since January 2018, meaning that hackers had over two years in which to access private details.
The chief executive detailed the specific scam that hackers would use. Victims would be sent a message in their Mail app that appeared to be blank. When opened, it would force a crash in the app, necessitating a reset. During the crash, hackers could steal data located on the device, including contact information and even photos.
In fact, it was through investigating the crash reports that Avraham first noticed the issue.
While Apple has a reputation for strong security measures, not all technology experts are surprised by the new revelations. Patrick Wardle, an Apple security expert and former researcher for the U.S. National Security Agency, said the allegations confirm “what has always been somewhat of a rather badly kept secret: that well-resourced adversaries can remotely and silently infect fully patched iOS devices.”
Apple is far from the first tech giant to have left its patrons vulnerable to hacks. Just this past December, social media behemoth Facebook suffered a similar breach. As previously reported by The Inquisitr, more than 267 million users were affected after internet thieves retrieved personal information, including names, user IDs, and phone numbers.