Two hackers have collected a bounty of $50,000 for finding an exploit in the iPhone X that lets you recover a previously deleted photo or file. During a mobile contest where hackers located bugs in iOS and Android, two hackers Richard Zhu and Amat Cama uncovered the vulnerability today and presented it in a demo. So far, Apple has been notified about the bug but it remains accessible at least until the next iOS update, as first reported by Forbes.
While the attack requires some access to the target device, researchers believe it could be deployed through a malicious Wi-Fi access point, putting it within reach for many attackers.
When you delete a photo on the iPhone X, iOS first prompts you with “This photo will be deleted from iCloud Photos on all your devices,” accompanied by a Delete Photo button. After doing so, you’ll see the photo in the Recently Deleted folder (it gets deleted immediately if you don’t have any iCloud storage left). You can then head to Recently Deleted in order to delete the photo immediately, otherwise it will be slowly deleted after up to 40 days have expired.
However, the two hackers discovered a way for remote actors to recover these Recently Deleted photos. The two found a vulnerability in the just-in-time (JIT) compiler, which is supposed to process computer code as a program runs, hence the name. If the compiler is compromised, it’s possible for attackers to retrieve the recently deleted files. In theory, any data processed by the JIT compiler could be vulnerable to the attack; researchers simply used a photo as a proof of concept. We’ve reached out to Apple for comment on when the bug will be fixed.
Source: The Verge