Clicking photos is arguably one of the most common things people do with their smartphones these days. And with mobile devices coming with copious internal storage, majority of users never really delete all those photos that they take. Not just that, many users also have a lot of their important files stored on their smartphones. If that includes you, and you happen to have an Apple smartphone, we’d advise going the extra mile to ensure the security of the data you have stored on it.
On the first day of Pwn2Tokyo, an annual hacking contest where hackers battle each other to locate bugs in iOS and Android, two hackers – Richard Zhu and Amat Cama – exploited a vulnerability on the Apple iPhone X, which can be exploited to recover recently-deleted files or photos. It’s worth mentioning that even though the hackers demonstrated the issue with an iPhone X, since the bug is present at the OS level, it’s quite possible that all Apple iPhones have the same problem.
Normally, whenever a photo is deleted on the iPhone X, iOS prompts the user with a ‘This photo will be deleted from iCloud Photos on all your devices’ message, along with a ‘Delete Photo’ button. Once that’s done, the photo goes to the ‘Recently Deleted’ folder, from where it must be manually deleted. Otherwise, the photo is automatically deleted after a set time-frame.
Watch: Apple iPhone X Review
However, the hacker duo exploited a vulnerability in the Just-In-Time (JIT) compiler, allowing the deleted folders to be accessed. Theoretically, not just photos, but any recently-deleted file can be accessed using this exploit.
As per a report by Forbes, Apple has been made aware of the bug, but it most likely won’t be patched until the next iOS update.