A security company has discovered a vulnerability in the Mail app on iPhones and iPads. As a result, it has been possible since at least 2018 to hack the devices remotely and steal data.
The problem was discovered by the American security company ZecOps, which conducts forensic investigations into mobile security.
Following an attack against a customer, the company searched for the origin and discovered a leak in the Mail app in iOS.
What makes the vulnerability extra dangerous is that hardly any interaction is required. The victim receives a specially formulated mail that causes the mail application to crash and restart.
This crash makes it possible to obtain data such as photos, contacts or the contents of the mailbox.
An estimated half a billion iPhones and iPads, virtually all devices, are susceptible to the problem.
The problem has arisen since iOS 6, which was released around the time of the iPhone 5 in 2012, and has been actively exploited since January 2018.
The leak may have been utilised by hackers before, but the security company cannot say with certainty.