There's a misconception that's existed among iPhone owners for a long time: That Apple's smartphone is basically impenetrable to hackers.
As we found out over the weekend, that sentiment is far from reality. Malware called XcodeGhost infected dozens of apps in the App Store, including the massively popular WeChat, with the intention of collecting peoples' passwords and sensitive data.
Now there's a $1 million bounty for a hack that would allow someone to remotely break into iOS 9, Apple's latest software update for the iPhone and iPad.
The iPhone may still be generally safer from malware than Android, but that doesn't mean it's unhackable.
Until the recent XcodeGhost vulnerability that affected dozens of popular apps, a total of only five apps containing malware had been discovered in the App Store, according to security firm Palo Alto Networks. That number doesn't include hacks of Apple's devices that have occurred outside of the App Store, like a recent hack of over a quarter million iCloud accounts tied to jailbroken iPhones.
While it's alarming that the iPhone could be hacked at all, the number of successful attempts to compromise Apple's security is dwarfed by hacks on Google's Android OS. A 2014 study by Motive Security Labs found that malware attacks on Android had caught up with attacks targeted for Windows laptops. The iPhone accounted for less than 1% of mobile malware.
But now that the iPhone has overtaken Samsung as the world's most popular smartphone, according to research firm Gartner, more attention is being turned towards the hacking of Apple's ecosystem. Wired reports that the highest bounty to ever be offered for an iPhone hack is currently $1 million.
Security research firm Zerodium announced "The Million Dollar iOS 9 Bug Bounty" on Monday, which will offer a $1 million reward up to three times for iOS 9 exploits that can remotely hack an iPhone through its web browser.
"Apple iOS, like all operating system, is often affected by critical security vulnerabilities, however due to the increasing number of security improvements and the effectiveness of exploit mitigations in place, Apple's iOS is currently the most secure mobile OS," saidZerodium on its website. "But don't be fooled, secure does not mean unbreakable, it just means that iOS has currently the highest cost and complexity of vulnerability exploitation and here's where the Million Dollar iOS 9 Bug Bounty comes into play."
When it comes to hackers who want your data, Apple won't always be able to protect you.