Apple investigating report of a new iOS email exploit being used in the wild

ZecOps, a cyber-security firm, said today it detected attacks against high-profile targets using a new iOS email exploit. Apple is currently investigating the matter, and the company is preparing a security update to be made available soon.

Catalin Cimpanu for ZDNet:

iOS email exploitIn a report published today, ZecOps said it found evidence that hackers have been using an iOS bug since at least January 2018. Researchers say the new iOS exploit appears to have been leveraged as part of malformed emails sent to high-profile iOS users.

ZecOps researchers say the attack is a zero-click exploit that doesn’t require users to interact with the email, with the exploit triggering once the user receives the email or the user opens the Apple Mail app…

“We believe that these attacks are correlative with at least one nation-state threat operator or a nation-state that purchased the exploit from a third-party researcher in a Proof of Concept (POC) grade and used ‘as-is’ or with minor modifications,” ZecOps said. ZecOps did not want to name the “nation-state” group who they believe was exploiting this bug…

ZecOps said it notified Apple on February 19. Initially, ZecOps reported what appeared to be a regular security bug, and worked with Apple to patch the issue. Apple published a patch for this bug on April 15, with the release of iOS 13.4.5 beta.

MacDailyNews Take: Obviously, stop using Mail on your iPhone, iPad, and/or iPod touch for now and as soon as iOS 13.4.5 and iPadOS 13.4.5 become available to the public, users should upgrade ASAP. Read more about this issue via ZecOps here.


  1. It’s all Greek to me. Reading that article looked like I was looking at an alphabet soup. Would anyone care to explain in layman’s terms? It would be greatly appreciated, especially coming from a non-techie.

  2. Hey MACDaily bring back the advertising your bulletin
    “To those who’ve contributed, thank you! “
    Is a nuisance on every article and you can’t get rid of it very easily.
    The advertising is much more interesting in your bulletin……

  3. Hold everyone’s horses here! It’s not what ZecOPs is claiming. Read the article and their website for real data on what they’ve actually claim, not the hype!

    Nowhere does Avraham say he’s in possession of an “in-th-wild” weaponized email that’s actually been used to crash and raid data from an iOS device! He’s reporting that he’s found a vulnerability which could be used to do that.

    He specifically states that he’s discovered by analyzing crash reports!

    Avraham based most of his conclusions on data from “crash reports,” which are generated when programs fail in mid-task on a device. He was then able to recreate a technique that caused the controlled crashes.

    Two independent security researchers who reviewed ZecOps’ discovery found the evidence credible, but said they had not yet fully recreated its findings.

    It has NOT been duplicated in peer review, and he doesn’t have a real “exploit” but a theoretical vulnerability that could have been used the way he claims, but no evidence it has been. He then makes the illogical leap that his mythical, magical hackers can also install more code to hijack the entire iOS device once this vulnerability has crashed it and forced a restart. Say what?! No way!

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.