Trusted Reviews may earn an affiliate commission when you purchase through links on our site. Learn More

iPhone X vulnerability can let hackers steal your deleted photos

Researchers have discovered a worrying and potentially extremely embarrassing iPhone X vulnerability. It could allow hackers to get their hands on your deleted photos and other files you may have thought you’d got rid of for good.

Richard Zhu and Amat Cama exposed the security flaw at Mobile Pwn2Own 2018 this week, and were awarded with $60,000 in prize money (via Forbes).

Read more: Apple Black Friday deals 2018

They demonstrated the exploit on an iPhone X running iOS 12.1 − at present the most up to date version of Apple’s mobile operating system. Apple has been informed of the vulnerability, but is yet to roll out a fix.

First, a little background. Deleting a picture or file on an iPhone isn’t as simple as you might think.

When you hit delete, it isn’t actually deleted straight away, but is instead sent to a ‘Recently Deleted’ folder. It will then sit there for up to 30 days, before being properly deleted.

During this time, you can dive into the Recently Deleted folder and either manually delete the file, or recover it.

Forbes reports that the Zhu and Cama found a way to access ‘Recently Deleted’ files by exploiting the iPhone X’s JIT (just-in-time) compiler − which is supposed to help iPhones run faster − via an attack over a malicious Wi-Fi access point.

Read more: Black Friday deals 2018

The Mobile Pwn2Own 2018 organisers described the attack as a “coffee shop scenario”, so fingers-crossed Apple rolls out a protective update sooner rather than later.

How much does this type of vulnerability worry you? Let us know over on Twitter @TrustedReviews.

Unlike other sites, we thoroughly review everything we recommend, using industry standard tests to evaluate products. We’ll always tell you what we find. We may get a commission if you buy via our price links. Tell us what you think – email the Editor