A duo of hackers called “Fluoroacetate” with the help of a couple of bugs was able to recover deleted photos on the device. Hackers demonstrated their method on iPhone X with iOS 12.1.
To recover deleted photos, hackers used a Wi-Fi access point and an “JIT” exploit. For the successful demonstration of the method, they earned $ 60,000 and 10 Master of Pwn points. This exploit can be used not only to recover deleted photos.
The hackers also demonstrated the work of the exploit on Xiaomi Mi 6 through the NFC system, for which they won another $ 30,000 and 6 Master of Pwn points.
The day began with the fact that the Fluoroacetate team successfully hacked the Xiaomi Mi6 smartphone via the NFC system. By using the « TOUCH to- the connect» smartphone hackers forced open a web browser and go to their own website. During the demonstration, no one understood what was going on until it was too late. In other words, the user could not prevent it in the real world.
Apple is already aware of the bug and, most likely, will fix it in the iOS 12.1.1 update.