Yandex found vulnerability in iPhone։ How dangerous is it?

Yandex has issued a warning about a potential threat to iPhone owners related to a new feature in the iOS 17 operating system. The concern revolves around the Contact Posters feature, allowing iPhone users to choose images and names displayed to other iPhone owners when they receive a call. According to Yandex, malicious actors could exploit this feature to deceive users by simulating calls from the police or a bank security service.

Renat Grishin, the chief editor of AppleInsider.ru, believes that this vulnerability does not pose a significant threat. He stated that to mislead users, the perpetrator needs to call specifically from an iPhone, while many large-scale fraudulent groups operate through call centers and sophisticated programs for impersonation. "For now, it looks like a purely theoretical possibility," Grishin added.

At the same time, Yandex reported that they have informed Apple about the identified issue and requested the company to address the vulnerability. Igor Bederov, the owner of Internet Search Company, expressed confidence that this oversight would be rectified promptly. "This is a minor vulnerability related to just replacing the user's image. With the capabilities of iOS, it is certainly fixable, I believe, in a short amount of days, if not hours," he noted.

The expert also reminded users to remain vigilant when receiving calls from unknown numbers. "The rules are the same: always assume that a malicious actor is calling, and you can always call back to the police department, the bank, or anywhere to verify if they genuinely tried to contact you. It is not advisable to immediately disclose any codes to the caller," the expert cautioned.