Researchers have discovered an exploit that allows an attacker to access deleted files on an iPhone running the most recent version of iOS. The exploit was first seen at the Pwn2Own contest in a live demo. Researchers used a photo from the “Recently Deleted” directory. This directory is a holding location for photos that are deleted and the photos will remain there for a few weeks. This means that if the user wishes, they can retrieve the photo before it’s permanently deleted. To exfiltrate deleted photos, researchers used exploits in the Safari browser to trick iOS into letting them gain access to sensitive information. The good news is that it’s believed that this exploit will be patched before attackers can utilize it.
Analyst Notes
For any user that may be worried, photos can be permanently deleted by going to the Recently Deleted directory and delete photos from there.
