Two hackers have netted themselves a $50,000 bounty for discovering a flaw on the iPhone X, allowing for the recovery of recently deleted photos (and potentially other information) supposedly removed from the device.
The flaw was found as part of the Mobile Pwn2Own contest, which recently took place in Tokyo. The two hackers who discovered it were Richard Zhu and Amat Cam. They have passed the information along to Apple, but as of time of writing it still exists on iOS.
The vulnerability was found in iOS’s just-in-time (JIT) compiler. An attack could be carried out using a malicious Wi-Fi access point, thereby making it a so-called “coffee shop scenario” for hackers. It exploits the way that Apple’s file deleting system works. On iOS, when a file is deleted it remains on the device in some form for 30 days, prior to being completely deleted with no chance of recovery.
While these 30 day+ files cannot be recovered by hackers, the vulnerability would allow them to access newly deleted images. It’s not clear whether the hack applies to iPhones other than the iPhone X.
Apple’s bug bounty
While this payout came from a third-party bug bounty program, Apple also offers hackers the chance to earn a payout if they discover vulnerabilities on the Mac or iOS. The program was launched in September 2016, and offers rewards of up to $200,000.
The program isn’t open to everyone, though. Instead, it is an invite-only program available only to approved researchers who have disclosed bugs to Apple in the past. Apple encourages hackers to donate their winnings to charity.