iPhone Contacts App Vulnerable to SQLite Hack Attack: Check Point

APPLE

Apple has never shied away from boasting about how secure its systems are, but researchers have found that contacts saved on iPhones are vulnerable to an SQLite hack attack which could infect the devices with malware.

SQLite – the most widespread database engine in the world – is available in every operating system (OS), desktop and mobile phone. Windows 10, macOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite.

Security firm Check Point has demonstrated a technique being used to manipulate Apple’s iOS Contacts app. Searching the Contacts app under these circumstances triggers the device to run malicious codes, Apple Insider reported on Saturday.

The vulnerability has been identified in the industry-standard SQLite database.

Documented in a 4,000-word report, the company’s hack involved replacing one part of Apple’s Contacts app and while apps and any executable code has to go through Apple’s startup checks, an SQLite database is not executable.

“Persistence (keeping the code on the device after a restart) is hard to achieve on iOS as all executable files must be signed as part of Apple’s Secure Boot. Luckily for us, SQLite databases are not signed,” the report quoted the Check Point researchers as saying.

As of now, Apple has not commented on Check Point’s report.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Jio, Microsoft to Partner for Cloud Solutions

iPad Pro, iPad Lineup to Get Multiple Rear Cameras: Report

Products You May Like

Articles You May Like

Video Game Graphics and Settings Explained
Leo Labs and its high-fidelity space radar track orbital debris better than ever — from New Zealand
Moto G8 Plus Tipped to Launch on October 24; Renders, Specifications Leaked as Well
Up close with Google’s new Pixel 4
Redmi Note 8 Pro, MIUI 11 to Launch in India Today: How to Watch Live Stream, Expected Price, More

Leave a Reply

Your email address will not be published. Required fields are marked *