Hackers are always looking for ways to benefit from iOS vulnerability to access users’ iPhones with a crafted email tactic. New research discovered a zero-click security vulnerability in Apple macOS. The discovered vulnerability can allow the cyber-criminal to add or transform any arbitrary file inside the Mail’s sandbox environment. All this can result in various cyber-attacks.
The founder and CEO of SensorFu Mikko Kenttala made this shocking revelation. According to the security researcher, if the bug is further exploited, it can lead to user-sensitive data exposure to a third party. It can change the targeted victim mail configuration. This includes mail redirects that can get hold of the victim’s other accounts, too, by resetting the passwords. Moreover, the bug can change the victim’s configuration to deliver the attack to the target in a worm-like fashion.
The researcher also found the bug CVE-2020-9922 by sending text messages followed by mail process syscalls. The uncompressed data components are not removed from the temporary directory, and the directory serves various functions. All this makes the attackers stick within the environment.
The research analysis shows, the attacker can email two zip files as attachments to the target to exploit the bug. When the recipients receive the bogus email, the mail app looks for attachments with x-mac-auto-archive= yes header. Later the app, unpack those files automatically.
The zero-click attacks via message services have been quite a popular attack vector in the past. You need to an unpatched vulnerability in the messaging app to gain access to the victim’s system. The method is more applicable to emails. It’s because messengers are active significantly more on smartphones, and it is easy to launch malware on these devices.
In April 2020, the cybersecurity firm ZecOps also discovered a flaw with the official Mail app of the iOS. According to the report, you can set off the software to run a rogue computer code when it manages an email that takes up a large amount of the RAM.
The worst aspect of the report was how the crafted email could trigger it without any user interaction. The attacker works in the background as the mail app loads the email.