Apple prides itself on the iPhone’s state-of-the-art security system, but researchers suggest that is what allowed for the attack on Amazon CEO Jeff Bezos’ smartphone.
The tech giant controls the operating system and because nearly every iPhone is running on the same version, a sophisticated attacker finds a single vulnerability they can penetrate any phone– even high profile individuals.
Apple believes less visibility into the system means fewer bugs will be discovered, allowing it to stay more secure – so the firm is very secretive about the code.
In Bezos’ case, hackers likely exploited a series of bugs Apple had overlooked that let them bypass all the layers of the ‘phone’s considerable defenses’, according to The Washington Post.
Experts are now suggesting ‘VIP and special people’ trade in their iPhones for a custom Android smartphone, because although it may have more vulnerability, it allows professionals to find and fix them.
Scroll down for video
Apple prides itself on the iPhone’s state-of-the-art security system, but researchers suggest that is what allowed for the attack on Amazon CEO Jeff Bezos’ (pictured) smartphone. In Bezos’ case, hackers likely exploited a series of bugs Apple had overlooked make their was through all the layers of the ‘phone’s considerable defenses
News surfaced last week that Bezos’ iPhone X was hacked in 2018 after he received a malicious WhatsApp message from the crown prince of Saudi Arabia, months before the National Enquirer exposed his affair.
According to forensic examination of the phone afterwards, the message was sent on May 1, 2018.
Within hours, a large amount of data from Bezos’ iPhone was extracted.
Apple has long been against letting security researchers bypass security restrictions to peer into the operating system in order to sniff out vulnerabilities that may have gone unnoticed.
However, security researchers are trying new ways to work around Apple’s gridlock to determine whether iPhones have been hacked.
News surfaced last week that Bezos’ iPhone X was hacked in 2018 after he received a malicious WhatsApp message from the crown prince of Saudi Arabia (pictured), months before the National Enquirer exposed his affair. Within hours of the receiving the message, a large amount of data from Bezos’ iPhone was extracted
Zec Ops, a two-year-old cybersecurity firm, focuses on helping on companies and high-profile individuals.
Customers are asked to hook their iPhone up to a computer or kiosk that uploads data logs to a server, so Zec Ops employees can see what is going inside the technology.
Zuk Avraham, co-founder and CEO of Zec Ops, that to the untrained eye, the logs look like jumbled computer code.
But for those proficient in the technology, it provides clues that a hacker may have left at the scene.
After analyzing tens of thousands of phones, Avraham says he estimates 2 to 3 percent of them showed possible indicators of attacks.
‘Apple is doing a relatively great job at securing those devices,’ Avraham said.
But breaking into one remotely ‘is still within the capabilities of a talented individual.’
Researchers are also using the process called ‘jailbreaking’, which requires them to physically install new software onto the smartphone.
However, Apple has noted time and time again, that doing so violates a federal law known as the ‘Digital Millennium Copyright Act.’
Google, on the other hand, seems to believe the more the eyes the better.
The firm has given the public access to its operating system, allowing them to look for flaws that may have otherwise never been found.
It also allows researchers to use virtual Android devices.
When researchers are able to penetrate an iPhone’s iOS and find flaws, they actually hide their findings from Apple.
When researchers are able to penetrate an iPhone’s iOS (stock) and find flaws, they actually hide their findings from Apple. They are concerned that Apple will immediately ‘patch’ them’ and prevent these experts from conducting further testing
They are concerned that Apple will immediately ‘patch’ them’ and prevent these experts from conducting further testing.
The Washington Post also noted that the ‘black market for iPhone bugs has flourished’ and these individuals are offering their hacking abilities to the government, or anyone who is willing to pay.
The United Nations issued a report last week suggesting that the malicious that malicious spyware created by Israeli company NSO Group may have been used by Saudi Arabia to hack Jeff Bezos’ phone and steal his nude selfies.
The UN high commissioner for human rights suggested that NSO Group’s Pegasus spyware was the ‘most likely’ explanation for data that was stolen from Bezos’ phone.
The report notes that the Saudi Royal Guard acquired the Pegasus-3 spyware from NSO Group in a November 2017 contract.
The U.N. experts said Bezos’ phone hacking occurred during a period in which the phones of two close associates of Jamal Khashoggi were also hacked, allegedly using the Pegasus malware.