
‘Hackers For Hire’ Exploit Security Vulnerability Found In Apple’s Mail App

Cybersecurity company ZecOps has uncovered exploitable vulnerabilities in Apple’s iOS MobileMail application, which is found on iPhones and iPads. In its report, ZecOps said: “we surmise with high confidence that these vulnerabilities – in particular, the remote heap overflow – are widely exploited in the wild in targeted attacks by an advanced threat operator(s).”

Suspected targets of this type of attack include individuals from a Fortune 500 organisation in North America, an executive from a carrier in Japan, a journalist in Europe, and other high-level executives.

The earliest attack of this type is believed to be from January 2018 on iOS 11.2.2. However, ZecOps believes that the vulnerability has existed in the Mail app since at least iOS 6, released in 2012.

ZecOps found that all the tested iOS versions have this vulnerability, including iOS 13.4.1. The remote heap overflow vulnerability can even be triggered without any user interaction on iOS 13, meaning a victim wouldn’t even have to click on a link.

Once a Mail app has been compromised, the hacker could leak, modify and delete emails. An additional kernel vulnerability would provide full device access.

The cybersecurity firm said that they were aware of at least one ‘hackers-for-hire’ organisation selling exploits that used vulnerabilities that leverage email addresses as a key identifier.

Victims would most likely not be able to tell if they were hacked, as the only sign of it is a temporary slowdown or a sudden crash of the application. In failed attacks, emails sent by the attacker would show the message “This message has no content” (see example below).

In order to have the best chance of avoiding this type of cyberattack, ZecOps said: “To mitigate these issues – you can use the latest beta available. If using a beta version is not possible, consider disabling the Mail application.” Outlook and Gmail are not vulnerable.

The newly released beta update of 13.4.5 does contain a patch for these vulnerabilities.

Source: ZecOps
