Anyone Can Get Access To Your Photos Owing To The iOS 11 Bug
The newest iOS version has brought several new features for its users. But as per the widely spread video on YouTube, a latent vulnerability is exposed in this recent edition of an iOS mobile operating system that is said to provide access to anyone to the Photos folder on your iPhone.
Initially noticed by iDeviceHelp, a YouTube channel, the vulnerability impinges on iOS 11.0.3, the latest version of the mobile operating system of Apple for the populace, as well as iOS 11.1 beta, mobile operating system’s preview version that was made accessible to developers by Apple this month.
If an iPhone user has the prey device in their custody and knows the Apple ID or phone number of the device, then they can make use of what seems to be a bug in iOS to achieve access to the images saved on the iPhone of the victim, as per to iDeviceHelp. We attempted the exploit on an iOS 11.0.3 running iPhone 8 Plus and were able to get access without inputting a passcode to the Photos folder, as mentioned in the report.
So let’s have a look how it actually works. A FaceTime audio call is made by the attacker to the victim and rather than rejecting or accepting the call, the attacker clicks the button “Message” and chooses the Custom option. Clicking on the Custom option makes the Message app to launch, after which the attacker is needed to randomly choose 3 emoji characters.
The FaceTime call is hanged up after this by the attacker and clicks the Home button to activate Siri and command it to launch Settings. At this instant, Siri will request the invader to unlock the iPhone of the victim. iDeviceHelp mentions that the attacker now requires pushing the power button to set the device in sleep mode.
After doing this, the attacker requires making one more FaceTime Audio call to the victim’s device from their iOS device. Once the device of the victim receives the call notification, they require tapping the Message button once more and then selecting “Custom” setting. At the moment, iDeviceHelp states that the attacker will discover they have full access to the Message application and they can access the Photos folder and choose and send any photos from the device of the victim.
In the meantime, when Apple functions to fix the flaw, a user can potentially seek to disable access to Siri from the lock screen as a temporary solution to put off any person from accessing their data.