VerSprite's security researchers have found a security flaw in Airmail for Mac that exposes private data, including account-wide e-mail databases. For the attack to work, the victim needs to open a maliciously crafted e-mail and click the link in the message. It looks like a serious problem because it combines a technical exploit with a phishing attack.
You can read the vulnerability details on the VerSprite blog. Essentially, the researchers noticed that Airmail registers custom URL schemes that can automatically send outgoing emails containing specific content and attachments.
They also discovered that the mail database where Airmail stores the e-mail messages for an account sits in a "deterministic" location on the file system. A malicious attacker can combine these two pieces of information.
The attacker can craft a link that uses the Airmail URL scheme so that, when the recipient clicks it, Airmail sends a new email to the "hacker" with all of the user's mail messages attached.
There are some mitigating factors to consider, but this is still a pretty big security issue. First of all, the attacker must know that the target is using Airmail, and the recipient needs to click on the link in the email sent to them for the attack to work. This particular attack will not work if the account name is changed from the default. The researchers also identified related vulnerabilities that would remove the required user interaction step completely, but could not get this to work in a reliable manner.
If this is exploited in the real world, the malicious link would probably be disguised in a phishing e-mail, for example as "Click here to see important messages …".
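A defender-side check for the pattern described above, as an added example that is not from the original article or from VerSprite: it scans an HTML mail body for links that use a non-web URL scheme and pass local file paths as parameters. The scheme name `mailapp-example`, its parameter names and the sample path are constructed placeholders, not Airmail's actual scheme.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

WEB_SCHEMES = {"http", "https", "mailto", "tel", ""}  # schemes a mail link normally uses
PATH_HINTS = ("/", "~/", "file:")                     # value prefixes that look like local paths


class _Links(HTMLParser):
    """Collect (href, visible text) pairs from an HTML message body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def suspicious_links(html_body):
    """Return one finding per link that uses a non-web (app-registered) scheme."""
    parser = _Links()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        parts = urlsplit(href.strip())
        scheme = parts.scheme.lower()
        if scheme in WEB_SCHEMES:
            continue
        # parse_qsl percent-decodes values, so encoded paths are caught too.
        paths = [f"{k}={v}" for k, v in parse_qsl(parts.query) if v.startswith(PATH_HINTS)]
        findings.append({"scheme": scheme, "text": text,
                         "file_params": paths, "high": bool(paths)})
    return findings


# Constructed sample body; scheme, parameters and path are placeholders.
SAMPLE = ('<p><a href="https://example.com/news">Newsletter</a></p>'
          '<p><a href="mailapp-example://send?to=x%40example.net'
          '&amp;attachment=%2FUsers%2Fuser%2FLibrary%2Fplaceholder%2Fmail.db">'
          'Click here to see important messages</a></p>')
```

A finding with `high` set means the link both targets an application-registered scheme and names a file on the recipient's machine, which is the combination the article describes.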