A vulnerability in Apple Watch Walkie Talkie app could allow hackers to spy on iPhone users. Read on to know more about it…
A security vulnerability in Apple Watch Walkie Talkie app could allow an attacker to eavesdrop on another iPhone user without their consent. The Walkie-Talkie app enables people who accept an invitation to talk with friends in real-time without the hassle of making a phone call. Parties press a button when speaking and release it to hear what the other party says. Apple introduced the feature last year as part of its WatchOS 5 update.
In technical terms, the Walkie Talkie app for Apple Watch provides its users an ability to invite each other to communicate via audio chats through a “push to talk” interface. It provides an experience similar to the PTT buttons found on old cell phones and walkie talkie devices.
The Walkie Talkie app on Apple Watch suffers from a serious vulnerability that can allow attackers to spy on iPhone users without their consent. Apple has not disclosed any specific details about the vulnerability.
The vulnerability in the Walkie Talkie app was reported to Apple through the company’s vulnerability portal.
Apple disabled the Walkie Talkie app and apologized for the bug and the inconvenience caused until it gets fixed. Apple stated that there is no current evidence of the flaw being exploited in the wild. As a precautionary measure, Apple has chosen to disable the Walkie Talkie feature on Apple Watch until it is updated with a fix.
“We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent. We apologize again for this issue and the inconvenience,” read the statement from Apple, TechCrunch reported.
Previous Privacy Issues
The Walkie-Talkie suspension comes four months after Apple came under sharp criticism for its handling of an eavesdropping vulnerability in the FaceTime messenger app. FacePalm, as the vulnerability came to be known, allowed people to listen to audio from another device simply by initiating a FaceTime call and using a widely used Group feature for conference-call-style chats. While people on the receiving end saw a call was coming through, they had no idea that the person trying to connect could already hear nearby audio and, in many cases, see video from the device’s camera.
Apple failed to take action on the bug for more than a week after receiving emails from a woman who reported that her 14-year-old had found the vulnerability. Apple finally patched the flaw after word of it spread virally on social media and attracted attention from New York Attorney General Letitia James.