iPhone Contacts App Vulnerable to SQLite Hack Attack: Check Point

APPLE

Apple has never shied away from boasting about how secure its systems are, but researchers have found that contacts saved on iPhones are vulnerable to an SQLite hack attack which could infect the devices with malware.

SQLite – the most widespread database engine in the world – is available in every operating system (OS), desktop and mobile phone. Windows 10, macOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite.

Security firm Check Point has demonstrated a technique being used to manipulate Apple’s iOS Contacts app. Searching the Contacts app under these circumstances triggers the device to run malicious codes, Apple Insider reported on Saturday.

The vulnerability has been identified in the industry-standard SQLite database.

Documented in a 4,000-word report, the company’s hack involved replacing one part of Apple’s Contacts app and while apps and any executable code has to go through Apple’s startup checks, an SQLite database is not executable.

“Persistence (keeping the code on the device after a restart) is hard to achieve on iOS as all executable files must be signed as part of Apple’s Secure Boot. Luckily for us, SQLite databases are not signed,” the report quoted the Check Point researchers as saying.

As of now, Apple has not commented on Check Point’s report.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Jio, Microsoft to Partner for Cloud Solutions

iPad Pro, iPad Lineup to Get Multiple Rear Cameras: Report

Articles You May Like

Leica Leitz Phone 3 With 47.2-Megapixel Primary Camera, Snapdragon 8 Gen 2 SoC Launched
Nokia 6310, Nokia 5310 and Nokia 230 (2024) Models With Unisoc 6531F SoCs Launched
Moto G64 5G Full Specifications Revealed; Dimensity 7025 SoC, 6,000mAh Battery Confirmed
Samsung Galaxy S20 Series Set to Receive Extended Security Updates
Xiaomi Mix Fold 4 Tipped to Get Snapdragon 8 Gen 3 SoC, Upgraded Quad Rear Cameras

Leave a Reply

Your email address will not be published. Required fields are marked *