Two hackers-security professionals received the award in 50 thousand dollars for each found vulnerability that allows you to recover previously deleted photos or files in iOS.
Richard Zhu (Richard Zhu) and Kama Amat (Amat Cama) teamed Fluoroacetate in the competition for security Mobile Pwn2Own held in Tokyo on Wednesday. They attacked the iPhone X is installed fresh iOS version 12.1, using vulnerability in browser Safari. They used physical access to the device, but we are convinced that the same can be done through “malicious” access point Wi-Fi.
As it turned out, the deleted files remains on the drive. When a user deletes photos from your iPhone X, the system will usually warn you that this photo will be deleted from iCloud Photos on all devices user. After this removal of photos can be found in the folder “recently deleted” and then you can restore them or permanently deleted, and not wait for their disappearance to 40 days.
Now hackers have found a way to recover these photos, it seems completely disappeared from “recently deleted” using a vulnerability in the JIT compiler.
According to the rules Apple has informed about found “hole” in security, but until it is fixed.