In a report published by the researchers (via Patently Apple), they are suggesting that Apple should probably replace the current method of encryption used by iMessage. They claim that the platform is vulnerable to a ciphertext attack that allows the decryption of certain types of payloads and attachments, regardless of whether the sender/receiver is online.
However they note that this will require quite a bit of technical expertise to pull off, meaning that maybe it might not be so easy for the average hacker, but they still think that maybe Apple could make the system more bulletproof all the same. “Overall, our determination is that while iMessage’s end-to-end encryption protocol is an improvement over systems that use encryption on network traffic only (e.g., Google Hangouts), messages sent through iMessage may not be secure against sophisticated adversaries.”
So should you be worried? Like we said, it will take quite a lot of work for this to be pulled off, but it would be nice if Apple were to take a look into it all the same.