Newly Discovered Zero-Click WiFi Exploit Lets Hackers Access iPhones Remotely

BY Mahit Huilgol

Published 2 Dec 2020

In the recent past, we have seen a slew of iOS vulnerabilities. The latest one lets hackers access your iPhone using a “zero-click” attack. Zero-click refers to an attack in which the victim is not required to input anything. In other words, the attacker can gain access to an iPhone remotely, with no action from its owner.

A Google Project Zero researcher discovered the vulnerability, and it affects iOS 13. As per the report, the exploit makes use of buffer overflow bugs present in the driver for an in-house mesh networking protocol. Since the driver has exclusive privileges, the attacker can access all sensitive information, including cryptographic keys and media files like photos.

Beer discovered the vulnerability in one of the iOS 13 betas and then spent six months developing the proof of concept. Soon enough, security researchers praised the work and talked about the perils of the exploit. One of the researchers had the following to say:

“It really is pretty serious. The fact you don’t have to really interact with your phone for this to be set off on you is really quite scary. This attack is just you’re walking along, the phone is in your pocket, and over Wi-Fi someone just worms in with some dodgy Wi-Fi packets.”

Most importantly, the attack can be carried out over the air without the victim noticing. All one needs is a laptop, WiFi adapters, and a Raspberry Pi 4B. A demonstration video shows how hackers can remotely access an iPhone 11 Pro. If deployed on a large scale, the attack can cause havoc. The security researcher was able to hack any iPhone within radio range and access or steal user data through arbitrary code execution.

Apple has already fixed the vulnerability in iOS 13.3.1. That being said, it is not clear if anyone used the vulnerability to steal data. Typically, WiFi networks are close to each other, and this makes it easy to launch a remote attack.

[via ArsTechnica]