iLeakage Hackers Can Read Gmail On All 2020 Or Later iPhones And Macs



Security researchers have discovered a new exploit technique called the "iLeakage Attack" that can exploit processors' speculative execution feature. Specifically, an attacker may be able to steal passwords and extract data from pages in the Safari browser on Apple silicon (M-series processor) Macs.


The exploit can be deployed against Apple devices from 2020 onwards with the A and M series CPUs and targets the Safari web browser as well as any browser app running on an iPhone or iPad.


In a paper, the researchers reveal the full extent to which this exploit could be used. A hacker could recover sensitive information by inducing Safari or another WebKit-based browser to render an arbitrary page. "In particular, we demonstrate how Safari allows a malicious webpage to recover secrets from popular high-value targets," the researchers reveal, including "Gmail inbox content." But the problems don't end there; the researchers also demonstrate exploits that can lead to "the recovery of passwords" when auto-filled by password managers.


The researchers state that when it comes to Gmail, one of the world's most popular email providers with billions of users, an exploit target is likely to be signed into their personal Google account. "By having the event listener inside the attacker's page access execute window.open(gmail.com)," the researchers explain, "we can consolidate the target's inbox view into the attacker's address space. We then leak the contents of the target's inbox."


According to the researchers, Apple was made aware of the iLeakage exploit discovery on September 12, 2022. So far, the only mitigation from Apple in more than a year would appear to be reserved for Safari on Macs only running macOS Ventura 13.0 or later, which is considered unstable in use and isn't enabled by default. There is no mitigation for iPhone or iPad users at this point in time, although Apple is understood to be working on a fix.


As far as is known, iLeakage exploits have not been used in the wild. However, the exploit leaves no traces of an attack within system log files.


What you need to do to protect yourself



  • Keep your software up to date. Apple is expected to release a patch for this exploit in a future software update.

  • Be careful what websites you visit. Avoid clicking on links in emails or messages from unknown senders.

  • Use a strong password manager and enable two-factor authentication on all of your accounts.

  • Be aware of the risks of using public Wi-Fi networks. Avoid accessing sensitive information when using a public Wi-Fi network.


If you think you may have been affected by this exploit, you should change your passwords immediately and contact your bank or other financial institutions to report any suspicious activity.




Uzair

Winston is a tech and business writer with over 3 years of experience. He is passionate about helping businesses succeed by providing them with informative and engaging content that covers the latest trends and developments in these fields.

Previous Post Next Post