Apple has always pitched the iPhone as the most secure consumer device, but that doesn’t mean it can’t be hacked. About a year ago, security researcher Ian Beer found about 30 different vulnerabilities in iOS. This was while working for Google’s Project Zero, a team of elite hackers tasked to find and report vulnerabilities in competitor products. Also Read - iMessage vulnerability: Hackers can now hijack your iPhone by just sending a text message
Now, researcher Natalie Silvanovich working with Project Zero talks about 10 ways in which hackers can gain access to an iPhone. Silvanovich and fellow researcher Samuel Groß revealed the iOS flaws at the Black Hat hacking and security conference that took place last week in Las Vegas. Also Read - Google's Project Zero researchers disclose six 'interactionless' vulnerabilities in iMessage
Project Zero hackers explain iOS vulnerabilities
“There have been rumors of remote vulnerabilities requiring no user interaction being used to attack the iPhone, but limited information is available about the technical aspects of these attacks on modern devices,” the report mentioned (via Vice). Also Read - Google Project Zero reveals iOS 11 exploit that could lead to jailbreak
The security researchers found vulnerabilities in Apple services like email, visual voicemail and text messaging. However, the highest number of high-impact bugs were found in the default messaging app on iOS and Mac devices. The iMessage bug, in particular, allows hackers to send a specially crafted text message to gain access to users text messages and images. When this vulnerability is exploited by hackers, the victim may never see the message or even know that they are being targeted.
“Overall, the number and severity of the remote vulnerabilities we found were substantial. Reducing the remote attack surface of the iPhone would likely improve its security,” Silvanovich said.
Six of these vulnerabilities have already been patched. However, a lot of them are not. In case, there are many more to be revealed as well. The researchers said that they are motivated hunting for such vulnerabilities. Recently, a WhatsApp vulnerability allowed hackers to install spyware on iPhones and snoop on voice calls.