Skip to main content

Security researchers discover flaw allowing access to deleted photos on iPhone, fix on the way

An exploit discovered by a pair of security researchers allowed them to hack an iPhone X and access a photo that was supposedly deleted from the device. Apple was informed of the security hole and a fix is on the way.

As first reported by Forbes, hackers Richard Zhu and Amat Cama teamed up and discovered the hole that allowed access to deleted files on iOS devices running iOS 12. This is due to a weakness in the current public version of the Safari browser.

As per the Mobile Pwn2Own contest in Tokyo, Apple has been informed and the hackers were able to walk away with $50,000.

The hack in question would be able to retrieve more than just photos. The vulnerablitiy is found in a just-in-time compiler. These are programs that translate code while a computer rather than before. And because it’s software, it’s bound to have some vulnerabilities. Software vulnerabilities are a common occurrence due to its complex nature. While developers can continue fixing bugs, there’s no guarantee new holes won’t emerge.

The hackers were able to exploit the JIT compiler with a malicious Wi-Fi access point. However, Apple isn’t the only company at fault here. The pair of hackers were able to use the same exploits on Android devices including the Samsung Galaxy S9 and the Xiaomi Mi6.

The pair earned the “Master of Pwn” title for discovering the iPhone vulnerability along with several other exploits showcased during the event.

Apple should have this exploit patched within the next few weeks. The company will likely patch this in the next beta version of iOS 12.1.1.


Subscribe to 9to5Mac on YouTube for more Apple news:

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel