Apple has repeatedly reported highresilience to hacker attacks on the iOS operating system, and advertises its iPhones as the world's most secure mobile devices. However, information about perfect quick and effective hacks of Apple products appears periodically. The latest experiment of a Google employee proved the possibility of remotely stealing information stored on the iPhone, including photos.
The vulnerability was identified and described by an expert inCybersecurity Google Project Zero, by Jan Bier. The work on detecting the exploit took the specialist six months. The iPhone was jailbroken using Apple's proprietary Wireless Direct Link (AWDL) protocol, which is used for AirPlay and AirDrop.
AWDL is enabled by default in allApple devices (iPhone, iPad, Mac, Apple Watch, Apple TV, and HomePods), greatly increasing the potential vulnerability. At the same time, the expert found a way to remotely enable AWDL in devices where the protocol would be disabled.
To remotely hack an iPhone, an expertI used a Raspberry Pi 4B microcomputer and two Wi-Fi adapters. Using special equipment, a hacker will be able to jailbreak an iPhone over 100 meters away.
The vulnerability exploits a buffer overflow errorin the AWDL driver found in the iOS kernel, further increasing the potential for hacking. Also, AWDL does not analyze Wi-Fi packets, which allows air penetration with possible access to a huge array of personal confidential information from e-mail and photos to passwords and cryptographic keys.
It should be noted that this vulnerability has already been fixed after the release of the iOS 13.5 update, but users who did not receive the update are still at risk.