Last week saw contradictory claims about iPhone Mail vulnerabilities, with a security company claiming that they had been exploited in real-world attacks, and Apple stating that it can find no evidence of this.
Two leading security researchers have now weighed in on this, agreeing with Apple on one point, while stating it remains possible that the bugs have been exploited …
Everyone now appears to agree with one of Apple’s statements: that the iOS Mail app vulnerabilities discovered by ZecOps cannot be exploited on their own. Apple said:
ZecOps accepts this, and it has been backed by other security researchers. However, as we noted last week, that doesn’t mean that they couldn’t have been exploited alongside other vulnerabilities in order to carry out a successful attack.
Wired reports that our take has now been echoed by two high-profile security researchers.
Former NSA hacker Patrick Wardle agrees, making the point that absence of evidence is not evidence of absence, and saying it wouldn’t be surprising that Apple would be unable to detect these attacks even if they have taken place.
“A zero-click like this is especially interesting because it is not a full exploit chain, yet due to the nature of how it works, it could enable something like a smash-and-grab for mailbox data. Even the prospect of copying emails then self-deleting the crafted ‘attack email’ is quite scary.”
If the iPhone Mail vulnerabilities have been exploited, however, this is mostly likely against specific, high-profile targets.
Even the crudest zero-click attacks leave little trace, which makes tracking them an issue. Security analysts say that in many cases, the very features that make software more secure often make zero-click attacks harder to detect […]
“We don’t see a lot of these zero click vulnerabilities exploited in the wild and that is because they’re so difficult to detect—it’s not because they’re not out there.”
Image: Litmus