Announcement center

Avoid the iOS mail App Vulnerability to ensure the safety of funds

___________.jpg

Constantly monitoring potential security threats is the No. 1 priority at Bitget !

This week, we have learned of a serious exploitable vulnerability in the built-in Mail app on Apple iOS, which was first disclosed by the ZecOps Research Team.

According to the article:

“Following a routine iOS Digital Forensics and Incident Response (DFIR) investigation, ZecOps found a number of suspicious events that affecting the default Mail application on iOS dating as far back as Jan 2018. ZecOps analyzed these events and discovered an exploitable vulnerability affecting Apple’s iPhones and iPads. ZecOps detected multiple triggers in the wild to this vulnerability on enterprise users, VIPs, and MSSPs, over a prolonged period of time.”

The disclosed vulnerabilities have existed since iOS 6 (issue date: September 2012) and affect versions up to iOS 13.

To ensure that you are not affected by this issue, we recommend that you do either of the following:

1. Disable the iOS Mail function

Remove the iOS Mail function by pressing down on the app’s icon. Once all the app icons on the screen start moving, tap the X button in the upper-left corner to remove the Mail app. After that, go to Settings > Password Accounts. Set Fetch New Data to "Manual" and disable "Push." Use dedicated email clients such as Gmail or Outlook, or a web browser such as Safari or Chrome, to access your email.

2. Upgrade to the latest iOS beta (iOS 13.4.5 beta).

You can do this by following the steps here: https://developer.apple.com/support/install-beta/

According to the ZecOps disclosure, “The vulnerability allows to run remote code in the context of MobileMail (iOS 12) or maild (iOS 13). Successful exploitation of this vulnerability would allow the attacker to leak, modify, and delete emails. Additional kernel vulnerability would provide full device access – we suspect that these attackers had another vulnerability. It is currently under investigation.”

We highly recommend that Bitget users take action immediately in order to prevent potential fund security risks. iOS 13.4.5 will fix the vulnerability once it is publicly released by Apple.

Bitget Team

Apr 24, 2020

【Contact Us】

Customer Services:[email protected]

Market Cooperation:[email protected]

Quantitative Market Maker Cooperation:[email protected]

【Official Channel】

Official Website

Official English Telegram Group

Twitter

Facebook

Youtube

Medium

Reddit

Linkedin

Instagram

【Platforms Bitget Settled in 】

CMC

CoinGecko

Cryptoadventure

Related articles

Alert on phishing scam prevention
Bitget to launch BTC/USDT and ETH/USDT spot trading zero transaction fee promotion
#BitgetTurns5: Join Us as We Celebrate Bitget's Fifth Anniversary
Bitget has updated the Proof of Reserves for September 2023
Become a Bitget affiliate
Announcement: Bitget 5th anniversary celebration — win rewards from Collect2Earn!
Announcement regarding the optimization of position tiers for BCHUSDT and PEPEUSDT on Bitget
Bitget updates identity verification
Announcement on risk control terms adjustments
Announcement on The Delisting of TokenFi (TOKEN) and Buyback Plan