iPhone Zero-Click WiFi Exploit Is One of the Most Notorious Hack Ever with No Interaction Needed, Expert Claima

A security researcher claimed that zero-click WiFi exploit is one of the most notorious iPhone hacks right now. This iOS flaw, he said, enables cybercriminals to control and access nearby iPhones, thanks to AWDL, a proprietary Apple wireless mesh networking protocol.

A Security Expert Discover the Most Notorious iPhone Hack! Zero-Click WiFi Exploit Needs No Interaction
A South Korean man experience Samsung Electronics Galaxy Note 8 smartphone at its shop on August 25, 2017 in Seoul, South Korea. Prosecutors are seeking a 12-year jail sentence. Lee, de facto chief of South Korean conglomerate, faces five charges connecting the bribery scandal involving ousted former President Park Geun-hye and her confidant Choi Soon-sil. The verdict affects the business of Samsung, which has launched new Galaxy Note 8 smartphone to wipe out the misery of exploding Note 7 last year. Photo by Chung Sung-Jun/Getty Images

According to Apple Insider's latest report, Ian Beer, a member of Google's Project Zero team, explained that the newly discovered scheme allows hackers to access photos, messages, real-time device monitoring, and emails.

Because of its ability, Apple patched this vulnerability since it gives hackers remote access to the entire device. What makes this more dangerous is that it only needs a WiFi connection and doesn't require any user interaction.

Beer spent six months developing the exploit

Ars Technica reported that it took Beer six months to single-handedly develop the new exploit. He described the vulnerability and the proof-of-concept exploit in a 30,000-word post he published on Tuesday, Nov. 1.

A Security Expert Discover the Most Notorious iPhone Hack! Zero-Click WiFi Exploit Needs No Interaction
The new iPhone 5S with fingerprint technology is displayed during an Apple product announcement at the Apple campus on September 10, 2013 in Cupertino, California. The company launched the new iPhone 5C model that will run iOS 7 is made from hard-coated polycarbonate and comes in various colors and the iPhone 5S that features fingerprint recognition security. Photo by Justin Sullivan/Getty Images

Because of its severity, many security researchers immediately took notice. "This is a fantastic piece of work," said Chris Evans, Project Zero's founder, executive, and semi-retired researcher, via Ars Technica.

"It really is pretty serious. The fact you don't have to really interact with your phone for this to be set off on you is really quite scary," he added.

Evans explained that a hacker can use WiFi to import worms in a user's device, even if it is in their pockets.

How Zero-Click WiFi exploit works

The new vulnerability works by importing a buffer overflow in a driver for AWDL. Since these drivers are located in your iPhone's kernel, an extremely privileged part of any smartphone system, the flaw could lead to serious attacks.

What's alarming is that the zero-click WiFi exploit works over the air, making it more difficult for users to notice the attack. Beer said that a hacker can use this exploit to acquire sensitive user data without getting detected.

For more news updates about security vulnerabilities, always keep your tabs open here at TechTimes.

This article is owned by TechTimes.

Written by: Giuliano de Leon.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics