This could be the most dangerous iPhone security hack ever seen

iPhone waterproof
(Image credit: Apple)

A dangerous new iOS security vulnerability that could allow hackers to remotely take over an individual’s iPhone has been revealed by a researcher at Google's Project Zero team

The vulnerability, which has now been patched, put sensitive corporate information stored on business smartphones at risk, as well as a substantial amount of personal data too.

The vulnerability enabled hackers to remotely take control of some iPhone and other iOS devices, allowing them to read messages, view images – essentially, monitor everything taking place – as long as the device was in relatively close proximity. 

The exploit, which is explained in painstaking detail here, was discovered by Project Zero researcher Ian Beer by taking advantage of the Apple Wireless Direct Link protocol used to create mesh networks for features like AirDrop and Sidecar.

Taking remote control

Admittedly, it did take Beer six months to exploit the iPhone flaw, but the researcher argues that this shouldn’t give Apple, or any iPhone owners, much cause for comfort. 

Plenty of other threat actors will have greater resources and knowledge at their disposal, potentially enabling a faster turnaround. He also theorizes that directional antennas and higher transmission powers could greatly increase the viable range of such attacks.

Apple security updates released earlier this year have now patched the vulnerability in question and users of most recent iOS releases will be protected. 

However, although there is no evidence that this iPhone flaw was ever exploited in the wild, the discovery is still a worrying development – particularly for Apple, which prides itself on its security credentials.

Via The Verge

Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.