World’s most secure device IPhone x can also get hacked, can get recently deleted photo out of phone

NP NEWS 24 ONLINE – Clicking photos is arguably one of the most common things people do with their smartphones these days. And with mobile devices coming with copious internal storage, majority of users never really delete all those photos that they take. Not just that, many users also have a lot of their important files stored on their smartphones. If that includes you, and you happen to have an Apple smartphone, we’d advise going the extra mile to ensure the security of the data you have stored on it.

Two hackers have collected a bounty of $50,000 for finding an exploit in the iPhone X that lets you recover a previously deleted photo or file. During a mobile contest where hackers located bugs in iOS and Android, two hackers Richard Zhu and Amat Cama uncovered the vulnerability today and presented it in a demo. So far, Apple has been notified about the bug but it remains accessible at least until the next iOS update, as first reported by Forbes.

While the attack requires some access to the target device, researchers believe it could be deployed through a malicious Wi-Fi access point, putting it within reach for many attackers.

Normally, whenever a photo is deleted on the iPhone X, iOS prompts the user with a ‘This photo will be deleted from iCloud Photos on all your devices’ message, along with a ‘Delete Photo’ button. Once that’s done, the photo goes to the ‘Recently Deleted’ folder, from where it must be manually deleted. Otherwise, the photo is automatically deleted after a set time-frame.

When you delete a photo on the iPhone X, iOS first prompts you with “This photo will be deleted from iCloud Photos on all your devices,” accompanied by a Delete Photo button. After doing so, you’ll see the photo in the Recently Deleted folder (it gets deleted immediately if you don’t have any iCloud storage left). You can then head to Recently Deleted in order to delete the photo immediately, otherwise it will be slowly deleted after up to 40 days have expired.

However, the two hackers discovered a way for remote actors to recover these Recently Deleted photos. The two found a vulnerability in the just-in-time (JIT) compiler, which is supposed to process computer code as a program runs, hence the name. If the compiler is compromised, it’s possible for attackers to retrieve the recently deleted files. In theory, any data processed by the JIT compiler could be vulnerable to the attack; researchers simply used a photo as a proof of concept. We’ve reached out to Apple for comment on when the bug will be fixed.