ZecOps report states that the vulnerability in the iOS Mail goes back to as far as the iOS 6 and has been found in the latest iOS versions too. The firm had reportedly informed Apple in March earlier this year. Apple is reported to be working on the fix which would be rolled out in its next update.
Mail Alert: Blank Messages Might
However, the cybersecurity firm has noted that the bug has already been exploited multiple times to attempt sophisticated attacks on users including professionals, enterprises, VIPs, and MSSPs. Notably, ZecOps has further mentioned that the list of attacks includes at least six high profile victims from several parts of the world. It hasn’t revealed any names but shared that the affected victims include a Fortune 500 company in North America, a European journalist, a Japanese mobile carrier executive, a German individual as well as technology professionals in Israel and Saudi Arabia. Furthermore, the suspicious activities have been found dated back to as far as January 2018. ZecOps elaborates that hackers would send blank emails to iPhone or iPad users on Mail to exploit the flaw. It would crash the app whenever the email was opened prompting for a reboot. Hackers would then gain access to all the information on the device during the reboot. Remarkably, it doesn’t require users to download any software or visit any other link. Therefore, it can be extremely difficult for users to notice or prevent such an attack. Additionally, hackers would also delete the email itself after the attack has been successfully carried out clearing traces of its origin.
Also Read: iPhone SE 2020 Review
Several cybersecurity experts have shared concerns over the latest revelation by ZecOps as Apple products are usually considered much more secure than other devices.