The source code to a key piece of iPhone software was recently published on the hosting site Github, the site Motherboard reported, in what one security researcher described as the “biggest leak in history.”
An unknown leaker published the entire source code that powers iBoot, the software that is behind Apple's iOS mobile operating system. After Motherboard initially reported on the leak, Apple successfully had the code removed via a Digital Millennium Copyright Request.
But in that request, Apple also indirectly confirmed that the code was legitimate. The breach creates what tech sites say is a potential security nightmare for customers and the company.
It’s not the first time that someone has posted iBoot’s code online; Motherboard also discovered that the code was published to the site Reddit by a user named “apple_internals” last year.
“iBoot is the one component Apple has been holding on to, still encrypting its 64-bit image,” security expert Jonathan Levin told Motherboard. “And now it’s wide open in source code form.”
With access to the iPhone’s source code, experts warn that criminals may be able to more easily hack into consumers’ phones remotely.
How to tell if your phone was hacked
Consumers who suspect they have been hacked should be on the lookout for any apps that they don’t remember downloading. Experts also say that receiving unusual text messages, an unusually slow or hot phone, or unexpected data charges are all signs of a potential hack.
In the event of a hack, INC.com advises consumers to wipe their phones clean and restore factory settings or visit a professional if possible.
The source code leak is only the latest to reveal potential flaws in Apple’s security. In January, Google researchers discovered a computer bug that could allow hackers to access iPhones and other Apple devices. Apple confirmed that the bug was real and promised to fix it.
Before this year’s breaches, experts had typically considered iPhones and Apple devices to be less vulnerable to hacking than phones powered by Android software.