Apple Inc.’s millions of iPhones and iPads are vulnerable to hackers due to a flaw in its email software, according to cybersecurity company ZecOps Inc. The technology giant is now planning to fix the issue in its Mail app after being alerted by the San Francisco-based mobile security firm, multiple reports said.
Apple reportedly has developed a fix that will be applied in a forthcoming update on its devices.
According to research published by ZecOps, two exploitable vulnerabilities were discovered in the mail app, which would have allowed hackers to steal data for years. The company discovered the issue while investigating a cyber attack against a client that happened in late 2019.
Zuk Avraham, the founder, and chief executive officer of ZecOps, said hackers can exploit the vulnerability when a specially crafted email is opened on the mail app on an iPhone or an iPad.
ZecOps said at least six organizations were impacted by this vulnerability starting from January 2018, and that the potential abuse of this vulnerability is enormous.
The suspected targets included individuals from a Fortune 500 organization in North America, an executive from a carrier in Japan, a VIP from Germany, and a journalist in Europe, among others.
ZecOps said it surmises with high confidence that these vulnerabilities are widely exploited in the wild in targeted attacks by an advanced threat operator.
The company added that both bugs were already disclosed publicly during Apple’s beta update, and warned that the attackers will likely use the time until a patch is available to attack as many devices as possible.
ZecOps also said the users can protect themselves by applying the beta patch, or stop to use Mail and temporarily switch to alternatives that are not vulnerable to these bugs.
As per reports, about 900 million Apple iPhones were in active use in 2019.
Source: Read Full Article