Contacts on iPhones vulnerable to hack attack: Report
11-August-2019
Apple has never shied away from boasting about how secure its systems are, but researchers have found that contacts saved on iPhones are vulnerable to an SQLite hack attack which could infect the devices with malware.
SQLite - the most widespread database engine in the world - is available in every operating system (OS), desktop and mobile phone. Windows 10, macOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite.
Security firm Check Point has demonstrated a technique being used to manipulate Apple's iOS Contacts app. Searching the Contacts app under these circumstances triggers the device to run malicious codes, Apple Insider reported on Saturday.
The vulnerability has been identified in the industry-standard SQLite database.
Documented in a 4,000-word report, the company's hack involved replacing one part of Apple's Contacts app and while apps and any executable code has to go through Apple's startup checks, an SQLite database is not executable.
"Persistence (keeping the code on the device after a restart) is hard to achieve on iOS as all executable files must be signed as part of Apple's Secure Boot. Luckily for us, SQLite databases are not signed," the report quoted the Check Point researchers as saying.
As of now, Apple has not commented on Check Point's report. IANS
Sex Scandal: SIT Rejects Prajwal Revanna’s Request; Lookout Notice Issued, Another Victim Comes Forward
Explore Sridevi's Cherished Chennai Home with Host Janhvi Kapoor on Airbnb
Sanjay Raut Questions Increase In Maha Voting Percentage After 11 Days
Rohit Nagdewani’s Fresh From Farm Raises $2 Million, Aims For Aggressive Expansion in Delhi/ NCR
IIT Roorkee Startup Wins DRDO's 'Dare to Dream 4.0' with Innovative Gun-Shot Detection Tech