Hackers found a way to infiltrate iPhones by simply sending a message via iMessage. This method was explained at the Black Hat security conference in Las Vegas, USA.
We always think about the hacking of smartphones in the same way. We believe it is necessary to click on an unsafe link in an incoming message, download an application from an unclear source, or otherwise perform unsafe transactions.
Speaking at the Black Hat security conference in Las Vegas, US, Google Project Zero researcher Natalie Silvanovich, Apple’s iOS messaging application “interfering” as described the errors described. Those who benefit from these errors, others can take control of their phone. Although Apple has fixed five of these errors, there are a few problems that need to be solved.
Silvanovich, these errors can be applied to all kinds of commands, in the worst case could damage the owners of the information shared. Project Zero Silvanovich and his friend Samuel Gross’s to work together to examine this WhatsApp its call, even if the call does not answer the vulnerability that provides access to the phone.
The researcher, who has been waiting to observe a similar vulnerability in SMS, MMS and voice messages, has found that iMessage has many usable vulnerabilities, although he fails to do so.
iMessage is a highly complex messaging system that works with applications other than analogies. Therefore, it becomes more likely that the program has gaps and weak points.
One of the vulnerabilities is that a specially crafted message makes it possible for all the SMS information of the person to be transmitted to the attacker. The victim doesn’t even have to open that message. Although Apple normally has a countermeasure against it, iMessage considers the attack messages to be appropriate and secure, as this attack is based on the logic of the firm’s own security system. Other vulnerabilities found to make it possible to install malware on the victims’ phones.
Such attacks are frequently used, especially for large-scale hacking attacks. The more software develops, the more vulnerable it is to attack. For this reason, companies are constantly trying to improve their security, but it may not be possible to close all the gaps.
The most basic thing to protect against such attacks is to keep the applications up to date.