• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 24th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

Security Bug Makes Millions Of iOS 8.3 iCloud Passwords Vulnerable

June 12th, 2015 Waqas Security 0 comments
Security Bug Makes Millions Of iOS 8.3 iCloud Passwords Vulnerable
Share on FacebookShare on Twitter

You may need to change the password of your iOS device as a security researcher reported that a flaw in Apple’s systems can let hackers send iCloud users phishing emails, making millions of accounts vulnerable.

Jan Soucek (@jansoucek), a white hat hacker or someone who uses his technical skills for good purposes not evil, developed an iOS8.3 mail.app popup, which resembles the sort of messages sent normally by Apple users when they are asked to submit their password. However, instead of offering the iCloud user access to the account the popup lets hackers gain control of the targeted computer, Soucek says.

Apple ID holders with two-step verification enabled may see a few more padlocks on their iCloud screens. Screenshot/Apple

Apple ID holders with two-step verification enabled may see a few more padlocks on their iCloud screens. Screenshot/Apple

The presence of any such security bug hasn’t been verified by Apple but the firm didn’t reply Soucek when he reported this issue.

Soucek attached a video footage about how the hack attack can be conducted and wrote on a GitHub page that:

“This bug allows remote HTML content to be loaded, replacing the content of the original email message. JavaScript is disabled in this UIWebView, but it is still possible to build a functional password ‘collector’ using simple HTML and CSS.”

Nonetheless, the iPhone/iPad maker is yet to confirm the vulnerability and also, none of the iCloud users have been affected by this bug. But, we can conclude this is may prove to be another headache for the iCloud that has already been exploited a lot previous year when hundreds of nude photos of celebrities got leaked.

Watch the video uploaded by hacker below:

[src src=”via” url=”http://www.theregister.co.uk/2015/06/10/passwordflogging_phishing_tool_pwns_every_ios_mail_app/”]The Register[/src]

[src src=”source” url=”https://github.com/jansoucek/iOS-Mail.app-inject-kit/tree/master”]GutHub[/src]

  • Tags
  • Apple
  • Bug
  • ICLOUD
  • iOS 8.3
  • iPad
  • iPhone
  • Nudes
  • security
  • Vulnerability
Facebook Twitter LinkedIn Pinterest
Previous article Facebook Users Left Red-Faced After Porn Malware Attack
Next article Canadian Hacker Jailed in U.S. for Hacking Military and Xbox
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
SonicWall hacked after 0-day flaws exploited by hackers

SonicWall hacked after 0-day flaws exploited by hackers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
SonicWall hacked after 0-day flaws exploited by hackers
Hacking News

SonicWall hacked after 0-day flaws exploited by hackers

53
Massive privacy risk as hacker sold 2 million MyFreeCams user records
Cyber Crime

Massive privacy risk as hacker sold 2 million MyFreeCams user records

101
Gamarue malware found in UK Govt-funded laptops for homeschoolers
Security

Gamarue malware found in UK Govt-funded laptops for homeschoolers

518

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us