Home » News » Mobile Phones » iOS Flaws let hackers break into iPhones by just sending a text

iOS Flaws let hackers break into iPhones by just sending a text

By Prakhar Khanna | Updated on 27-Aug-2019
iOS Flaws let hackers break into iPhones by just sending a text
Prakhar Khanna Prakhar Khanna
08 Aug 2019 18:22
HIGHLIGHTS

Interaction-less flaws can let hackers break into iPhones by sending a text.

The flaws were showcased at the Black Hat USA 2019 conference in Las Vegas.

At the Black Hat USA 2019 conference in Las Vegas, a new iOS flaw was revealed which let hackers break into iPhones by just sending a text. Google security engineer Natalie Silvanovich showcased a presentation titled "Look, No Hands! The Remote, Interaction-less Attack Surface of the iPhone,” which discussed the potential vulnerabilities on iOS’ SMS, MMS, Visual Voicemail, iMessage and Apple Mail.

According to Silvanovich, simply receiving an iMessage could be enough to get yourself hacked. You don’t require to click on any malicious link or even open the text message. You just have to receive it, which by the way, is mostly not in your hands. She presented multiple so-called “interaction-less” bugs in Apple’s iOS iMessage client that could be misused to gain control of a user’s device. 

“These can be turned into the sort of bugs that will execute code and be able to eventually be used for weaponized things like accessing your data,” Silvanovich says. “So the worst-case scenario is that these bugs are used to harm users.”

Silvanovich, according to Wired, “got interested in interaction-less bugs because of a recent, dramatic WhatsApp vulnerability that allowed nation-state spies to compromise a phone just by calling it—even if the recipient didn’t answer the call.” Further, she looked for similar issues in SMS, voicemail, and MMS. First, she didn’t find any issues, but when she started reverse engineering and looking for flaws, she found multiple exploitable bugs.

One of these flaws can be used by a hacker to extract data from a user’s messages. All the hacker needs to do is send a specially crafted text message to a target, and the iMessage server would send back data to the sender, like the content of their SMS messages or images. Another flaw could lead to malicious code being placed on a victim's device from just an incoming text.

Meanwhile Apple has patched six of these flaws. You can find the PDF version of Silvanovich's presentation here.

Prakhar Khanna

Prakhar Khanna

I write about tech stuff and tell (stupid) jokes View Full Profile

New Mobiles
Apple IPhone 15Redmi 12 5GRealme 11 Pro+ 5GApple IPhone 15 PlusNothing Phone 2
Top-10s
Best Mobile Phones under 15,000Best Mobile Phones under 20,000Best Mobile Phones Under 10,000Best Mobile PhonesBest 5G Mobile Phones
Terms of Use Privacy Policy About Us Advertise with us Contact Us SiteMap Current / Past Issue Magazine Subscription
9.9 Group

Digit.in is one of the most trusted and popular technology media portals in India. At Digit it is our goal to help Indian technology users decide what tech products they should buy. We do this by testing thousands of products in our two test labs in Noida and Mumbai, to arrive at indepth and unbiased buying advice for millions of Indians.

We are about leadership – the 9.9 kind Building a leading media company out of India. And, grooming new leaders for this promising industry.

logo logo logo logo logo logo
Copyright © 2007-24 9.9 Group Pvt.Ltd.All Rights Reserved.
Digit.in
Logo
Digit.in
Logo