Wed. Jul 6th, 2022

Facebook & Dropbox iPhone App Vulnerable To Online Identity Hacking

The iOS might be not secure platform for the users anymore, due to third party access over its very own system. The very minimum access of legit developers on its owned file-system could also lead to be hacking and credential theft. According to a new security report, the Facebook and Dropbox iOS app is vulnerable to a little hack, which indirectly allows hackers to obtain access over your online identity with a little access on your device. Basically, it is neither the fault of Apple nor the iOS, it is a loophole in the Facebook and Dropbox iOS app, which saves the authentication tokens on the device without any kind of encryption and hard permission settings on the device.


The non-encrypted files can be easily available through connecting the device with any dock connection or a charging connection with a computer for a couple of minutes. The hackers can easily obtain these files, if you connect your device at public or unsecured charging dock station. The file apparently allows hackers to copy the content from one connected device to another device without any kind of security barrier, and this loophole actually allows users to access someone’s identity on other devices without even any kind of sign.  The security hole highlighted by Gareth Wright, who firstly, launched a testing application in the field to check whether he is able to remotely copy the files from the devices or not, and the results were shocking. He is successfully able to copy the files. It means a person with this security loop can easily collect your identity remotely from your device.

Initially, on the claim, Facebook reported that it only happened on the modified iOS firmware version, not on the genuine iOS firmware version by Apple for the iOS devices, but after a deep research by the security firm it is reported that the loop hole is also vulnerable on non-jailbroken devices, and someone can easily access these files using third-party tools like iExplorer on any public place, where you put your device on charging or for a sync.

However, there are no reports from the community; actually, no one is currently using this information to hack users information, but we recommend you to avoid connecting your device at public charging hubs or public WiFi connections because there might be some tools that allow you to browse your device over the WiFi network.