Contacts on iPhones vulnerable to hack attack: Report
11-August-2019
Apple has never shied away from boasting about how secure its systems are, but researchers have found that contacts saved on iPhones are vulnerable to an SQLite hack attack which could infect the devices with malware.
SQLite - the most widespread database engine in the world - is available in every operating system (OS), desktop and mobile phone. Windows 10, macOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite.
Security firm Check Point has demonstrated a technique being used to manipulate Apple's iOS Contacts app. Searching the Contacts app under these circumstances triggers the device to run malicious codes, Apple Insider reported on Saturday.
The vulnerability has been identified in the industry-standard SQLite database.
Documented in a 4,000-word report, the company's hack involved replacing one part of Apple's Contacts app and while apps and any executable code has to go through Apple's startup checks, an SQLite database is not executable.
"Persistence (keeping the code on the device after a restart) is hard to achieve on iOS as all executable files must be signed as part of Apple's Secure Boot. Luckily for us, SQLite databases are not signed," the report quoted the Check Point researchers as saying.
As of now, Apple has not commented on Check Point's report. IANS
ED Attaches Rs 97.79 Crore Worth of Properties Belonging to Raj Kundra Under PMLA
ISRO's Former Director Cites Probability Theory in Support of Possible Alien Existence
Gaming Startup LightFury Raises $8.5 Million to Develop AAA Titles in India and UK
Wow! Momo Raises Rs 70 Crore, Following Rs 350 Crore Investment to Extend Growth
After Six Years of Profitable Bootstrapping, Medulance Raises Rs 25 Crore to Expand Nationally