iPhone users warned over newly discovered iOS flaw that could completely sabotage your device
Your iPhone could be at risk of a cyber attack from hackers
iPhone users have been warned over a newly discovered iOS flaw that could completely sabotage your device.
An app developer uncovered the issue and has found that just a single line of code could sabotage your iPhone remotely.
The security researcher in question is Gilherme Rambo who discovered that there is a hidden flaw within the internal messaging system of the device.
This vulnerability in iOS is related to Darwin notifications, which is the low-level interprocess communication mechanism within iOS.
Advert
It doesn’t verify the sender, doesn’t require special privileges to send or receive and is a public API.
This is bad news for Apple fans as it means that any app on your device could have sent a malicious notification and remotely sabotaged the phone.
Rambo explained that Darwin notifications interfere with system operations because of the way the phone responds to them, and this is how they’re able to disrupt normal device functionality.
In order to investigate the issue, Rambo created a widget extension he called ‘VeryEvilNotify’ which would softly sabotage a device to test the bug.
Speaking to CyberNews, Rambo said: “Since I was looking for a denial-of-service attack, this last one (‘restore in progress’ mode) seemed to be the most promising, as there was no way out of it other than by tapping the ‘Restart’ button, which would always cause the device to reboot.”
He added: “I suspect that if the app ended up in the backup and the device was restored from it, the bug would eventually be triggered again, making it even more effective as a denial of service.”
According to the expert, apps could send a seemingly innocent notification such as a ‘liquid detection’ and this will trigger a malicious cyber attack.
Rambo alerted Apple to the issue and the app developer was awarded with $17,500 as a bug bounty.
And the good news is that Apple reacted to the vulnerability, fixing the bug in security updates.
Rambo went on to say that the release of 18.3 saw all of the issues he had demonstrated being addressed.
If you’re worried that your device could be vulnerable to the flaw then users are being urged to update their devices to iOS 18.3.
This will immediately patch the problem along with other bugs that have been fixed by Apple in its latest operating system update.
Previously, iPhone owners were warned that they must check their settings for a set of 'wrong three numbers' that mean they must upgrade.