A new iPhone Wi-Fi exploit might be the breaking point for some Apple customers. According to the researcher, all of the mobile data stored on the device can be at risk.
Ian Beer, a Google Project Zero security researcher, has recently revealed that a variety of Apple iPhones and other iOS devices were vulnerable to attackers who could have taken control of them remotely.
The British computer security expert has been part of the Project Zero team of security analysts employed by Google to find zero-day vulnerabilities.
Beer, who is well known as a white hat hacker and one of the best iOS hackers around, says that the vulnerability was reported to Apple back in May, before the giant tech company launched COVID-19 contact tracing technology on iPhones.
“The takeaway from this project should not be: no one will spend six months of their life just to hack my phone, I’m fine. Instead, it should be: one person, working alone in their bedroom, was able to build a capability which would allow them to seriously compromise iPhone users they’d come into close contact with.” - Ian Beer
The possible exploits were wormable, which means that they had the potential to spread from one device to another nearby one with no user interaction required. In this way, attackers could have had unlimited access to everything, from reading emails and other messages to downloading photos and even watching or listening to users through the microphone or camera of the hacked iPhone.
“This is a fantastic piece of work,” Chris Evans, a semi-retired security researcher and the founder of Project Zero, said in an interview. “It really is pretty serious. The fact you don’t have to really interact with your phone for this to be set off on you is really quite scary. This attack is just you’re walking along, the phone is in your pocket, and over Wi-Fi, someone just worms in with some dodgy Wi-Fi packets.”
Beer described in detail the vulnerability and the exploit he spent six months devising in a 30,000-word post published on Tuesday.
“So what went so wrong that it was possible? Unfortunately, it’s the same old story. A fairly trivial buffer overflow programming error in C++ code in the kernel parsing untrusted data, exposed to remote attackers,” stated Beer. “In fact, this entire exploit uses just a single memory corruption vulnerability to compromise the flagship iPhone 11 Pro device.”
And as expected, fellow cybersecurity researchers immediately took notice, with most of them highly praising Ian Beer’s project:
“This paper reads like the story of when Andrew Wiles solved Fermat’s Last Theorem. Great story of how it was worked out,” tweeted cybersecurity researcher and Scope Security founder Mike Murray, with Patrick Wardle, the founder of Objective-See, also taking to Twitter: “Ian’s ‘lockdown project’ is a work of art… while his insights are spot-on: ‘As things stand now in November 2020, I believe it’s still quite possible for a motivated attacker with just one vulnerability to… completely, remotely compromise top-of-the-range iPhones.’”
Beer built several exploits, but in the most serious one, he used a Mac, a Raspberry Pi 4, and a readily available Netgear Wi-Fi adapter, all while working from home during the pandemic lockdown.
“One person working alone in their bedroom was able to build a capability which would allow them to seriously compromise iPhone users they’d come into close contact with,” Beer wrote. “Imagine the sense of power an attacker with such a capability must feel. As we all pour more and more of our souls into these devices, an attacker can gain a treasure trove of information on an unsuspecting target.”
Apple did not deny that the exploit had existed, and even cited Ian Beer in the May 2020 security update changelogs connected to the vulnerability.
This comes just after Apple released several patches last month to fix no fewer than 3 zero-day vulnerabilities under active attack. The flaws, which affected several types of Apple products, also happened to have been discovered by Google’s Project Zero team.