Latest News

Classic Hits Mornings

Hackers May Be Stealing Your Data Via An App That's Pre-installed On Your Phone

phone

It's Scams Week, so this new information about hackers couldn't have come at a better time. 

Apple is in a bit of hot water right now, after several stories have come out about their lack of appropriate cyber security.

Firstly, the company's FaceID technology was hacked, and then it was revealed secret software on the phone will disable features and send warnings if you try replace the battery anywhere other than the Apple store. 

The latest issue, however, blows both of those revelations out of the water. 

Investigated at the Def Con 2019 Hackers Convention a security firm, 'Check Point', found a way to hack pretty much every iPhone and iPad in existence through an app we use every single day. 

Devices can be targeted through the Contacts App, an app that is built into every IOS device. 

Using the SQLite database (industry standard software) hackers can exploit your contacts app and steal private info.

This software is available in every operating system, desktop and mobile. Not just Apple uses it either - Windows 10, Chrome, Safari, Firefox and Android are all well-known users. Check Point have a startling finding. 

“In short, we can gain control over anyone who queries our SQLite-controlled database.” 

This is all because of a pre-existing bug Apple already knew about - for four years!

However, at the time they thought this bug was insignificant as it would require an unknown app to gain access. 

Check Point managed to create an app that appeared safe, which was then trusted by Apple. 

In reality they were mining data with the app, infiltrating the system and accessing data they wouldn't otherwise have been able to access. 

“We established that simply querying a database may not be as safe as you expect,” they said. “We proved that memory corruption issues in SQLite can now be reliably exploited.”

The company has passed on its findings to Apple, in the hope they decide to fix the bug as soon as possible.