Recently Apple announced a bounty of $1 million for the hackers who can hack the iPhone given by Apple and the convention of Black Hat some security experts were able to hack iPhones’ Face ID system. Apple is trying to seal every aspect by which their devices can be hacked that’s why Apple will now restrain some features if a user replaces the iPhone’s battery other than Apple’s. Now, Apple’s iPhone and iPad have a flaw and through hackers every 1.4 billion users’ devices easily with some requiring tools.
As per the recent reports, a security firm named Check Point has stated that they have found a trick to hack and every iPad and iPhone that runs on iOS 8 to iOS 13. This clearly means that the devices all the way from iPhone 4S to latest the iPhone 11 that is going to release next month. So every user needs to know how it can be done and how the entire iOS universe of 1.4 billion users are at risk.
The security firm revealed that the iOS Contact app can be hacked using the basic standard SQLite database so that while searching for Contacts can trick the iPad or iPad into a malicious code that is able to steal user’s passwords and other data.
According to Check Point report, SQLite is one of the most wide-spread databases in the world and it is available in every OS from mobile phone to desktop. Android, iOS, macOS, Safari, chrome, and FireFox are some well-known users of it. The report of Check Point security firm also claims that why this bug has been available for more than four years and it has not been solved by Apple since then. But the question is why the Contact app vulnerability should exist?
The researchers from Check Point state that this trick can only be processed and make Contact app vulnerable if an untrusted source of app is installed on the iOS device and it could open window for SQL database and the data can be stolen. But the firm stated that SQLite is versatile and it can be used in various scenarios to trigger hack.
So according to Check Point, we can guess that Apple might have thought this bug to be an unimportant or “non-threatable” as it could only be tricked by an unknown and untrusted app installed on the device accessing the database and in iOS there are zero possibilities. But the researchers at Check Point managed to installed a trusted app (a tweaked Contact app) on the device and were able to send the malicious code to this bug and exploit it.
This might be the ignored bug by Apple which can cause some potential consequences but there are some other factors which need to be required to trigger this big such as iOS device should be unlocked. But still, Apple needs to solve such bugs without being lazy. As a few months ago a report claimed that several flaws were found in iMessage which can allow hackers to get access to your files on the device from anywhere and some of these flaws are not fixed till today.
Well, Apple is always known for its security and privacy and we can hope that it will fix such issue with the latest software update for the devices.