Researchers for security firm ZecOps have revealed that there is a severe vulnerability in the default mail app for iPhone that opens up your device to hackers.
Previous to this, the flaw hadn’t been disclosed to Apple, but the company is now aware of the bug and will fix it in a future software update. ZecOps says has “high confidence” that “are widely exploited in the wild in targeted attacks by an advanced threat operator” and has targeted at least six “high profile” figures.
All it takes is for hackers to send users a blank email which they would open on their iPhone or iPad in the Mail app, built in by default. The user would need to open this and the code would crash the device, causing them to reboot it. When doing so, hackers can access information on the device. It’s so different from other attacks due to how simply it can be carried out – with no additional software or malware needed to carry it out.
The flaw has existed on Apple’s mobile devices since iOS 6, released in 2012, and still works on devices running iOS 12 or 13. A fix is available in the iOS 13.4.5 beta, but no software update is available publicly (we’re expecting this very shortly as it also fixes a text crashing bug).