As a general rule, if you avoid clicking suspicious links that may appear on your phone – whether sent via text message or displayed as a pop-up ad in your browser – the odds of your device being infected with malware is slim to none.
Despite the fact that security researchers from the Google Project Zero team recently unveiled a sophisticated exploit that would allow a malicious actor to take control of a targeted device without any interaction from the device owner at all. As Google scientist Natalie Silvanovich detailed during a presentation at the Black Hat security conference this week, there are a handful of iOS 12 exploits – which have since been lapped by Apple with iOS 1
"These can be turned into the kind of error that will execute code and can eventually be used for armed things like access to your data," Silvanovich said in comments obtained by Cable . "So at worst, these are the bugs used to harm users.
Interestingly, Silvanovich noted that she found no similar exploits involving regular SMS, MMS and visual voicemail. However, iMessage provided a surprising number of exploits, a fact that may be attributed to how feature rich the application is.
This may be because iMessage is such a complex platform that offers a variety of communication options and features, including Animojis, rendering of files that photos and videos and integration with other apps – everything from Apple Pay and iTunes to Fandango and Airbnb, all of these extensions and connections increase the likelihood of bugs and weaknesses.
In the open market, an interaction-free iOS bug like the ones discovered by Silvanovich and her Project Zero partner Samuel Groß, easily sold for millions of dollars, in other words, it's fortunate that iOS 12 utilizes the thoughts were uncovered by Google's Project Zero team unlike any other.
At this point, you may remember that a Dubai-based startup last year started offering hackers upwards of $ 3 million for zero-day iOS exploitation. In the past, you might remember that a company called Zerodium paid $ 1 million to a group of hackers who somehow came to remove jailbreak from an iPhone.
Silvanovich's presentation deck can be seen in full here.