Page Loader
Hackers can break into iOS 13, access contacts: Here's how

Hackers can break into iOS 13, access contacts: Here's how

Sep 15, 2019
02:19 pm

What's the story

In a matter of days, Apple will release the stable version of iOS 13 to the public. The platform will come with a bunch of features. But, according to recent reports, it carries a loophole, one that allows a hacker to break into an iPhone and access its contacts. Here's all about the exploit and its working.

Hack

iOS 13 lock screen can be bypassed

When iOS 13 was launched in beta, white hat security researchers analyzed the release in search of security vulnerabilities. The search went pretty well and no major issues were unearthed, except for a loophole that allowed researcher Jose Rodriguez to bypass the lock screen of the platform and access the email addresses, phone numbers, address information, and other details saved on the targeted iPhone.

Working

How the exploit worked?

Detailing the bug to The Verge, Rodriguez claimed that the issue is similar to the one flagged in iOS 12.1 and works by starting a FaceTime call on the target iPhone. He shared a video that demonstrated how one could activate a FaceTime call and then use Siri to turn on the voiceover feature of iPhones for accessing contact information.

Issue

iOS 13 Gold Master version carries this loophole

The researcher said that he had informed Apple about this loophole back in July, but somehow it still works on the Gold Master version of iOS 13, which is set to release on September 19. The folks at The Verge also verified the same, but don't panic yet; a fix has been spotted in the beta version of iOS 13.1.

Risk

Do you need to worry about this issue?

Well, if you're running iOS 13 beta or GM edition, the bug can be used by a threat actor to break into your iPhone. However, you should note that it is not that easy to do so. The hacker would need direct physical access to your device (which is not always possible) as well as a little time to start FaceTime and voiceover features.

Information

Also, no other data is at risk

The loophole in question is scary but it only puts contact information stored on an iOS device at risk. Other data, including locally stored photos and iCloud data, remains unaffected.