Apple is always proud of its security and user privacy. However, according to the new CheckPoint report, this boasting is now under vulnerability. Researchers found that iPhone users save contacts to their iPhone contact app and the app is vulnerable to an SQLite hack attack and that can also infect your device with malware viruses.
SQLite is a database engine accessible worldwide, and you can access it from any of your device operating systems. If you have Windows 10, macOS, iOS, Chrome, Safari, Firefox, and Android, you can use SQLite. But the Security firm Check Point noted that some malicious people are using a technique to manipulate Apple’s iOS Contacts app. And searching the contact app in this situation can trigger your device to run various malicious codes according to Appleinsider which reported on Sunday. And they also identified the vulnerability in the industry-standard SQLite database.
As per some reports documented in a 4,000-word report, Apple’s hack involved in replacing one part of Apple’s Contacts app. And this happens when other apps or any other executable code has to go through Apple’s startup checks along with the SQLite database if that is not correctly executable.
“Persistence (keeping the code on the device after a restart) is hard to achieve on iOS as all executable files must be signed as part of Apple’s Secure Boot. Luckily for us, SQLite databases are not signed,“- Check Point researchers said in a report. However, Apple has not reclined or confirmed anything about the Check Point report as of now.
Have you noticed similar kind of vulnerability while using your iPhone contact app? You can express your views in the comment box below.