‘Hackers For Hire’ Exploit Security Vulnerability Found In Apple’s Mail App

Cybersecurity company ZecOps has uncovered exploitable vulnerabilities in Apple’s iOS MobileMail application, which is found on iPhones and iPads. In its report ZecOps said: “we surmise with high confidence that these vulnerabilities – in particular, the remote heap overflow – are widely exploited in the wild in targeted attacks by an advanced threat operator(s).”

Suspected targets of this type of attack include individuals from a Fortune 500 organisation in North America, an executive from a carrier in Japan, a journalist in Europe, and other high-level executives.

The earliest attack of this type is believed to be from January 2018 on iOS 11.2.2. However, ZecOps believes that the vulnerability has existed in the Mail app since at least iOS 6, released in 2012.

ZecOps found that all the tested iOS versions have this vulnerability, including iOS 13.4.1. The remote heap overflow vulnerability can even be triggered without any user interaction on iOS 13, meaning a victim wouldn’t even have to click on a link.

Once the Mail app has been compromised, the hacker could leak, modify and delete emails. An additional kernel vulnerability would provide full device access.

The cybersecurity firm said that they were aware of at least one ‘hackers-for-hire’ organisation selling exploits that used vulnerabilities that leverage email addresses as a key identifier.

Victims would most likely not be able to tell if they were hacked, as the only sign of it is a temporary slowdown or a sudden crash of the application. In failed attacks, emails sent by the attacker would show the message “This message has no content” (see example below).

In order to have the best chance of avoiding this type of cyberattack, ZecOps said: “To mitigate these issues – you can use the latest beta available. If using a beta version is not possible, consider disabling the Mail application.” Outlook and Gmail are not vulnerable.

The newly released beta update of 13.4.5 does contain a patch for these vulnerabilities.

Source: ZecOps
