iOS Wi-Fi exploit lets hackers remotely access iPhones within Wi-Fi range without touching them
PHOTO: Screengrab/YouTube/Ian Beer
PUBLISHED ONDecember 04, 2020 1:31 AMByKenny Yeo
Ian Beer, a Google Project Zero, discovered an incredible and scary hack that would allow hackers to take control of an iPhone as long as they were within Wi-Fi range and without needing to even touch them.
Let's back up a bit. Most hacks usually require access to the target device. Usually, hackers need to plant, inject, or generally do something to get the hack to start and work. This hack, however, requires none of that, which is what makes it so scary.
[embed]https://www.youtube.com/watch?v=ikZTNSmbh00&feature=emb_logo[/embed]
Beer has revealed this exploit in a detailed and epic 30,000-word blog post which explains in detail how the hack works.
But very briefly, it involves taking advantage of a protocol called Apple Wireless Direct Link (AWDL). This is what Apple devices use to create connections for features like AirDrop and SideCar.
Its ease of use is also the cause of its downfall. As it's constantly searching for nearby devices, it can be manipulated into carrying out this hack.
Taking advantage of AWDL, Beer was able to hack any iPhone that was within Wi-Fi range, run arbitrary code on it, and even steal all user data.
[embed]https://www.youtube.com/watch?v=_sTw7GGoJ6g&feature=emb_logo[/embed]
If this sounds scary, the good news is that this vulnerability has been patched since May with the release of iOS 12.4.7 and iOS 13.3.1. In fact, you'll even see Beer mentioned in the changelogs of these patches.
Beer also said that he found no evidence that these issues have been exploited in the wild. However, given the insidiousness of this exploit, it's reasonable to think that affected parties might not even know they were hacked. Beer also said that it took him six months to investigate and develop the exploit .
[[nid:485629]]
Be that as it may, he warns:
"No one will spend six months of their life just to hack my phone, I'm fine.
Instead, it should be: one person, working alone in their bedroom, was able to build a capability which would allow them to seriously compromise iPhone users they'd come into close contact with.
Imagine the sense of power an attacker with such a capability must feel. As we all pour more and more of our souls into these devices, an attacker can gain a treasure trove of information on an unsuspecting target."
This article was first published in Hardware Zone.