Competition Mobile Pwn2Own, two hackers — Richard Zhu (Richard Zhu) and Kama Amat (Amat Cama) – has demonstrated a working way to access photos that have been deleted from the iPhone.
To gain access to the pictures that were removed from the gallery iPhone X with iOS 12.1 installed, the experts used a vulnerability in the Safari browser, but rather in a dynamic JIT compiler. According to the hackers, a similar attack can be performed remotely. This will require a specially configured access point Wi-Fi.
It is noteworthy that this vulnerability is not only in iPhone. A similar method, Richard Zhu and Amat Kama used to retrieve the data stored in the memory of different Android smartphones including Samsung Galaxy S9 and Xiaomi Mi 6.
Hackers have already reported his findings to Apple. However, the cupertinos have not yet acted on the new information and closed the vulnerability. The specialists were one of the winners of Mobile Pwn2Own and got the title “Master of hacking” and the award in the amount of $ 50,000.