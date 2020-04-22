This is a rare and frightening security bug on the iOS operating system. The Californian cybersecurity company ZecOps unveiled this disturbing discovery on its blog this Wednesday (in English) on the Mail application, installed by default on Apple’s iPhone and iPad.

This is a resounding security breach exploitable by hackers that the brand with the crunchy apple has officially recognized.

Tim Cook’s company intends to repair it during the next iOS 3.4.5 update of hundreds of millions of devices already sold.

Qualified as “zero day” because completely unknown to the manufacturer’s engineering teams, this vulnerability allows a hacker who knows it to remotely launch a cyber attack with an apparently empty email which causes the application to bug and forces it to restart.

Examples of blank emails that are failed attacks / DR / ZecOps

This then opens the door to the hacker who can enter the smartphone and steal part of its content including photos or contacts used by Mail.

According to ZecOps researchers, all versions of Apple’s software since 2012 – and therefore millions of iPhones and iPads – are potentially affected by this bug.

He was under radar until experts autopsy an attack on one of their clients. But it was undoubtedly exploited during some years by small malicious geniuses of data processing or of the agencies agencies with a high technical level in cyberattacks.

Targeted VIP profiles

On his blog, Zuk Avraham, the boss of the start-up, claims that the security breach has been used, for example, to attack public figures or VIP targets almost undetectably since at least January 2018.

He quotes, without providing proof, leaders of leading American companies, a Japanese telephone operator or even a German billionaire.

Extremely rare at Apple, which has built its reputation on the security of its devices, such a “phantom” security vulnerability is worth up to $ 1 million on the black market of hackers. It is of interest to top hackers and intelligence agencies around the world.

While waiting for the corrective update, it is strongly advised to check your emails on Outlook or Gmail applications.