Vulnerabilities and their exploitation in tech devices is nothing new. The phenomenon is becoming increasingly common, with cyber meltdowns involving even high-profile cases being reported every once in a while now. But when mighty Apple, known for its āhigh standardā of security, messes up, it is sure to raise some eyebrows.
San-Francisco based cybersecurity firm ZecOps claims to have unearthed two āexploitable vulnerabilitiesā in Appleās mail app and promptly alerted the company. Apple later released a beta update to temporarily fix the bug earlier this month, confirming publicly the presence of the loophole. The company is currently working on a full update to fix the lapse and hopes to roll it out soon.
The vulnerability assumes access to the mailbox by sending an apparently blank email message through the mail app, forcing a crash and reset. The breakdown enables hackers to steal sensitive data, such as photos and contact details, Zuk Avraham, ZecOpsā Chief Executive says.
The loophole, which he says has been exploited by hackers as far back as January 2018, allowed them to steal data even if the device ran recent versions of iOS.
ZecOps claims the flaw was used against one of its clients, which it describes as aĀ āFortune 500 North American technology company.ā The firm also claims to have found evidence of similar attacks against āan executive from a carrier in Japan,ā as well as āa journalist in Europe.ā