A text message can hack your iPhone. Sounds like a plot for a sci-fi movie or a Robin Cook novel but its not. Google’s research team Project Zero discovered 6 alarming bugs in Apple’s iMessage that could be exploited to gain control over users’ iPhones and cause potential harm.
“These can be turned into the sort of bugs that will execute code and be able to eventually be used for weaponized things like accessing your data, so the worst-case scenario is that these bugs are used to harm users”, said Project Zero researcher Natalie Silvanovich.
How vulnerable is iMessage?
4 out of the 6 malicious bugs allow a hacker to break into your phone by sending you a coded iMessage. Apple has fixed 5 of the bugs, but one still remains, and it is one of the 4 that can cause a serious threat to your data and privacy.
Once you open the message, the hacker gets access to your phone and data. They can access everything on your phone, your photos, messages, bank details, credit card information, transactions, etc. They also can crash or wipe out your phone.
Project Zero has published details about the 5 bugs that have been fixed. The 6th one has been kept under wraps to prevent hackers from using it.
To protect yourself from the 5 that have fixed, update your phones to the latest version of iOS. Apple has always maintained that to protect yourself from threats and maintain the security of Apple products, you should always keep your software up-do-date.
Is data security a myth?
Security has been a key part of Apple’s marketing campaign, especially after Facebook and Google’s data breach and privacy lapses in the recent past, with Tim Cook declaring that privacy is a ‘fundamental human right’.
Apple has delivered on its promise for most parts but have found themselves in similar sticky situations with their FaceTime eavesdropping controversy where an Arizona teen discovered a bug that allowed a caller to hear the conversation on the other end even before the phone was answered.
Silvanovich, along with Project Zero member Samuel Groß, have been researching interaction-less bugs that allow access to devices by simply calling or messaging them, without the need for the recipient to answer calls.