Worth Of $5 Million On Black Market For Security Bugs Patched With iOS 12.4 Update
The Google Project Zero researchers named Samuel Grob and Natalie Silvanovich have noticed some serious problems regarding security in the Apple iOS operating system that would easily have sold millions as far as the black market is concerned.
Security Bugs Patched With iOS 12.4: Image Source
It is one of the most unexpected issues in a product that belongs to one of the leading companies in the world of technology known as Apple. No one had ever thought of such a serious issue will be discovered in the iOS systems that are below 12.4 updates.
Interactionless Bugs
According to the researchers, all the six problems that they have found do not need any interaction on part of the mobile user and can be carried out on a remote device. In four of these threats the person who wants to attack does not have to do much, all he has to do is to send a virus or malicious code through iMessage and wait until the user views the message.
Two of these bugs help the attacker hack the data of the phone’s memory and read the files off with the help of a remote device and the phone user does not have to do anything. In other words, these bugs are the type that is loved by the hackers as they can get all the information stored in a device’s memory without the owner even knowing it.
Five Out Of Six Security Threats Patched With iOS 12.4 Update
According to the information provided by the researchers five of these six security flaws were patched with iOS 12.4 updates of last week. The two researchers have already published their reports online. Silvanovich will discuss the details about some of these bugs and might give a demonstration of activities being planned at the Black Hat security conference which is going to be held in Las Vegas in the coming week.
This presentation describes the remote non-interactive attack surface of the iOS, the following is a part of the discussion, and ‘It discusses the probability for the threats in MMS, SMS, iMessage, Visual Voicemail, and Mail and explains how to set up the tools for testing of the components.’
All the details about the unpatched virus will stay a secret until the problem is tackled by Apple. Though the company released an update last week and reportedly it did fix the security threats but according to some of the sources one of the bugs in the update was not even fixed completely.
According to the news in the market about the iOS operating system, there are a number of security threats in all the versions of iOS updates before the 12.4 update.
According to the news Apple has patched five out of six bugs by introducing the iOS 12.4 update and all the users of Apple iPad, iPods, and iPhones who are already using the iOS 12 should update to 12.4 for protection from the security threats found in the previous versions. Most of the Apple users are so loyal to the company that they take such news as rumors and do not respond to the alerts that are against their favorite company. Maybe this is the reason why most of the users have still not switched to iOS 12.4.
Worth More Than $5 Million On The Black Market
It is an admitted fact that the things that reach the black market tend to be sold at unbelievable high prices. The hackers from all over the world are always in search of the loopholes in the latest technology gadgets that they can use for their own good. Hacking is a threat to the leading technology firms, great businesses and even nations as there are expert hackers who have the skills to unlock any software and hack all the information. It is a blessing that the security flaws in the Apple software did not reach in the hands of people involved in black hat activities as it would have helped them earn a fortune and many people and businesses would have been destroyed by the hackers.
The bugs that do not need the interaction from the phone user are very much in demand for the hackers, this kind of security threats can be sold to make a fortune if the black market is used.
According to a price chart that Zerodium has published as ZDNet the bugs like these can be sold for more than $1 million per piece on the black market.
Crowdfense who is another dealer of the black market claimed that the security threats like these could be sold between $2 million to $4 million per bug.
In the past, most of the iOS users refused to use any security software thinking that they were already using an operating system that was the securest and nothing more was needed to protect their privacy. The fact that the operating systems below 12.4 had six “Interactionless” bugs have damaged the reputation of Apple for a number of Apple users and many new potential customers are now confused. The company has warned its users to update their devices to 12.4 to protect their phones from the bugs but only 9.6 users have done so. This thing is indeed alarming for the company.
Being one of the leading companies making phones with the latest technology Apple should take measurements, to make sure that no such thing happens in the future.
