We all know that sinking feeling of accidentally deleting a file or photo and not having any way of recovering it. This is why iOS devices, when a photo is deleted, it gets sent to a “Recently deleted” folder which basically gives users about a month or so to recover it, after which it will be deleted permanently.
Unfortunately for iOS users, it appears that hackers Richard Zhu and Amat Cama have discovered an exploit with Safari on the iPhone X that allows them to steal your “deleted” files. This was demonstrated during the Mobile Pwn2Own contest which took place in Tokyo, Japan recently. Their demonstration of the exploit nabbed them a $50,000 bounty.
It also turns out that this exploit isn’t limited to just photos. The hackers found that it could also be used to access other data that the JIT compiler processes, which means that aside from photos, it is possible that other bits of data on an iPhone could be accessed and stolen as well. Apple has since been notified of the exploit but have yet to issue a comment regarding the latest discovery, but hopefully the company is already working on a patch for the issue.
While we have yet to hear about this exploit being used in the wild, in the meantime for those who want to keep themselves safe, staying off public WiFi networks for now might be a good idea, and also perhaps consider cleaning out your “Recently deleted” photo album every now and then.