iLeakage attack steals passwords, texts from Apple devices

'iLeakage' exploits Apple's WebKit, Apple avaScript engi iLeakage powers Ap Nearly six years wser.

A Spectre an be Meltdown d against Macs, iPhones, iPads running Apple's University r M-series chips.

Remote attacker can steal secrets such as Gmail inbox data, text messages, pa Apple Macs ag iPhones lied c iPads tials via autofill fields, and other misc WebKit ous in JavaScript like watch histories Apple Yo Safari

Researchers were able to exploit iLeakage in S Spectre ith LastPass 2018 07.1 installed.

The real-world applicability of this attack is fairly Gmail but the speed of data exfiltration is also glacial.

The accuracy of the attack was impressive and ranged between 90 and 99 percent depending on th YouTube e targeted. Macs Li iPhones __NxlG iPads running Apple 9 percent macOS ed_highLightText__NxlGi">iL Safari five minute Apple an> App Store Text__NxlGi">sec WebKit pa third span class="summary Apple highLightText__ Chrome >24Firefox Safari LightText__NxlGi">Gmail Gmail iPadApple September 12, 2022 ee 408 days ghtText__NxlGi">iLeakage Google Messages Android Register lGi">firstApple LastPass 4.107. Meltdown Spectre s="summar two ed_highLightText__NxlGi">Safari iLeakage summaryFeed_highLightText__NxlGi">Gmail iLeakage Apple two Safari iLeakage ri Apple i">64 Apple CPU st 35 WebKit secondCPU first first _highLightText__NxlGi">95% CPU _NxlGi">2017 CPU Spectre NxlGi">AMD one CIA CPU window. Meltdown an> Spectre lass="summaryFeed_highLightText__NxlGi">two JavaScript APIApple window.open 35 t__NxlGi">Gmail Safari ghLightText__NxlGi">one