A major security breach on the Apple iPhone technology has left the users of iMessages vulnerable to the hackers and they could also be vulnerable to unwanted observation. The recent breach has reportedly impacted 1 billion users and is a failure of its end-to-end encryption process. Apple makes use of end-to-end encryption for its iMessage service. It stops the hackers to peep in to the messages that are being communicated.
At the same time Apple also allows the users to take a back-up of the date with the help of iCloud. This back up also includes the encryption keys that are used for the iMessage. This major loop hole has been mentioned in the document that was assembled from the FBI. The document has mentioned that if the user is using the iCloud backup, the encryption key is also provided with the content return. This means that the hackers can then acquire iMessages from the iCloud returns if the target user has enabled Messages in iCloud.
Earlier in 2021, Apple had issued an emergency software upgrade after a huge security breach had allowed the iPhones to be hacked without user action. Israeli tech firm NSO Group had designed the Pegasus that was a malicious spyware that could film through the user’s camera, hear the calls and even send messages. It targeted Android as well as Apple devices and could also avoid the detection of antivirus software. The spyware has been around since 2016 and a leak in July brought it back to the spot light.
Meanwhile, Zack Doffman, the cyber security expert at Forbes said that he can no longer recommend usage of iMessage as an everyday messenger for the Apple users. Doffman while talking about the latest threat said that Apple needs to change its approach with its iCloud by treating it with priority. He opined that the company should stop storing the encryption keys and should avoid backing up the encrypted data.
Photo Credits: Pixabay