Apple has always been proud of their security system and they have over and over repeated that their security tech is best and most difficult to hack. This was apparently true for a very long time but recently things have been changed and one of the proofs is an iMessage bug that let the researchers hack with just one message. At a recent Black Hat security conference in Las Vegas, Natalie Silvanovich, the researcher at Google Project Zero explained this bug and even demonstrated this for everyone.
In an attempt to elaborate, Silvanovich demonstrated this bug, apparently, this interactionless flaw can be used in Apple’s iOS iMessage that will help the sender to gain full control over the receivers’ device. To cater to this issue, Apple released some patches but the problem is still there and it will take more than few patches to resolve this issue. On sending this message, it will convert into a bug that has the ability to execute code and this will help in getting the access of the data in the device. In short, these bugs can be used in order to harm the users. The bug can be sent via specifically crafted text that can be exchanged or targeted to specific users. In most cases, iOS has the protection of some kind in place which helps in blocking the attacks but this bug find the advantage of the underlying logic of the system so the whole defense system detects it as a real source. Since the system passes the bug as legitimate, this is favored by the nation-state hackers as well as the vendors. This simply means that this bug is worth tens millions of dollars of money in the black market which can be beneficial for hackers.
In an attempt to discover if other forms of texts like SMS, MMS or voicemails can be compromised, Silvanovich along with one of his project zero members Samuel worked tirelessly. She worked on reverse engineering and tried to spot flaws where she finally discovered that there were exploitable bugs in iMessage. Unlike the common perception that iMessage is safe, the team discovered there is so many options of communication and so many features involved in iMessage that it becomes easier to dilute the security of system. This is the reason there are more hacks involved in more sophisticated technology.
Photo: Getty
Read next: Pegasus can go inside iCloud, and Apple seems OK with it
In an attempt to elaborate, Silvanovich demonstrated this bug, apparently, this interactionless flaw can be used in Apple’s iOS iMessage that will help the sender to gain full control over the receivers’ device. To cater to this issue, Apple released some patches but the problem is still there and it will take more than few patches to resolve this issue. On sending this message, it will convert into a bug that has the ability to execute code and this will help in getting the access of the data in the device. In short, these bugs can be used in order to harm the users. The bug can be sent via specifically crafted text that can be exchanged or targeted to specific users. In most cases, iOS has the protection of some kind in place which helps in blocking the attacks but this bug find the advantage of the underlying logic of the system so the whole defense system detects it as a real source. Since the system passes the bug as legitimate, this is favored by the nation-state hackers as well as the vendors. This simply means that this bug is worth tens millions of dollars of money in the black market which can be beneficial for hackers.
- Also read: Find Out Where Apple, Facebook, Google, Twitter and Other Tech Giants Are Sending Your Data
In an attempt to discover if other forms of texts like SMS, MMS or voicemails can be compromised, Silvanovich along with one of his project zero members Samuel worked tirelessly. She worked on reverse engineering and tried to spot flaws where she finally discovered that there were exploitable bugs in iMessage. Unlike the common perception that iMessage is safe, the team discovered there is so many options of communication and so many features involved in iMessage that it becomes easier to dilute the security of system. This is the reason there are more hacks involved in more sophisticated technology.
Photo: Getty
Read next: Pegasus can go inside iCloud, and Apple seems OK with it