Mail application a iOS 8 it is vulnerable to an extremely dangerous bug that can leave your login data for a multitude of important accounts, be it Apple's or others. In the video clip below you can see a demonstration of how the existing vulnerability in the Mail application of the operating system works and basically it displays a login interface for an account, iCloud or of another nature, to a victim, but everything is a simple trick .
Although the user has the impression that he has to log in to iCloud to see the message in that email, in reality he does nothing but provide the hacker with the Apple ID and password to connect to it in order to steal the data.
The problem was initially discovered in iOS 8.1.2 and was brought to Apple's attention since January, but the American company has done absolutely nothing so far to solve it and protect users.
The even bigger problem is that we are not talking here just about a login interface for a website, because any CSS or HTML code can be loaded remotely into an email visible in the Mail application from iOS.
In this idea, a hacker can force a user to access a website created by him, be it one that imitates iCloud, that of a bank, a Google website, or any other website on the Internet.
Unfortunately, without Apple solving the problem and protecting users we remain vulnerable to such attacks and for now it is not known to what extent iOS 9 solves the problem or not, so it remains to be seen what Apple will do.
The person who discovered the bug had to wait 5 months for Apple to solve it, but in the absence of action from those in Cupertino, he chose to reveal the vulnerability.
