Apple iPhone X Hacked at a mobile event held in Tokyo

In Tokyo, a contest named Mobile Pwn2Own runs twice a year where security researchers demonstrate their skills to check on the vulnerabilities on the latest smartphones. Recently, at the event, two hackers have gained $60,000 for successfully hacking the iPhone X and finding a vulnerability. Two hackers were able to recover a previously deleted photo, which is certainly a vulnerability for the last year launched iPhone X.

Security researchers named Richard Zhu and Amat Cama found a way to recover a photo from the Recently Deleted Folder on the iPhone X. They also said this hack could be performed by accessing the iPhone through a malicious Wi-Fi access point (usually the free public Wi-Fi services offered in a coffee shop and so on).

In general, if you are an iOS user, you would already know that deleting a photo from the app sends it to the recently deleted photos folder on the device, in which the photo expires automatically after 40 days. However, the hackers found a vulnerability to recover deleted photo from the respective folder.

The two hackers performed this hack on the iPhone X by just-in-time (JIT) compiler, that usually processes the code as the program operates. The vulnerability of the compiler on the iPhone allowed the hackers to recover the already deleted photo. Apple has been informed about the hack after the contest, the response from the Cupertino tech giant is yet to be known.

Source