At the Black Hat USA security conference in Las Vegas, Natalie Silvanovich, a security researcher on Google's Project Zero team, presented a new class of “interaction-less” bugs in the iOS iMessage client: flaws that can be triggered by sending a single message to a target, without the victim doing anything with it. Apple has released patches for some of these bugs, but at the time of the talk they had not all been completely fixed.
Depending on the bug, these vulnerabilities can be used to execute malicious code or to read user data, so in the worst case an attacker could use them to compromise a victim's device. Silvanovich worked with fellow Project Zero member Samuel Groß, and after reverse engineering iMessage the two found several exploitable vulnerabilities.
The root cause is that iMessage offers a wide range of communication options and features, such as Animoji and Apple Pay, and every added feature brings more code that can contain bugs. The “interaction-less” vulnerabilities let an attacker send specially crafted message content to a target and extract data from the device, such as SMS messages or the contents of images, without the victim ever interacting with the message.
“Bugs like this haven’t been made public for a long time,” Silvanovich says. “There’s a lot of additional attack surface in programs like iMessage. The individual bugs are reasonably easy to patch, but you can never find all the bugs in software, and every library you use will become an attack surface. So that design problem is relatively difficult to fix.”