Have you ever seen that movie about a hacker who can take it instantly without touching someone’s device, or play that video game? Those shots are usually as unbelievable as heck. But every once in a while a real life hack seems obviously believable to them – a hack like the one you can see in the examples in the videos above and below.
Today, Google Project Zero security researcher Ian Beer Has revealed itUntil May, a variety of Apple iPhones and other iOS devices were vulnerable to incredible exploitation, allowing attackers to remotely restart and take complete control of their devices remotely – reading emails and other messages, downloading photos, and even listening to your iPhone’s microphone and camera. .
How is such a thing possible? Why should an iPhone listen to a remote hacking attempt? According to Beer, today’s iPhones, iPods, Macs and watches use a protocol called Apple Wireless Direct Link (AWDL). Air drop (So you can easily beam photos and files to other iOS devices) and Sidecar (Quickly convert to an iPod II screen). Beer not only found a way to exploit it, but also found a way to force AWDL to run it even if it had stopped before.
Beer admits to himself that “there is no evidence that these issues were exploited in the wild” and that it took him six months to clear, verify, and prove this exploitation – even though it was attached in May – and he advises that we should not take the existence of such a hack lightly:
Exiting this program should not be: No one would spend six months of their lives hacking my phone, I’m fine.
Instead, it should be: One person, working alone in their bedroom, was able to develop a capability that would allow iPhone users to actively compromise as they wanted to come into close contact.
Apple does not deny that there is exploitation, in fact it quotes beer in changelog To Many In its May 2020 security updates Connected with vulnerability. But the company points out that most iOS users use newer versions of iOS that are already connected – and suggest that the attacker must be within Wi-Fi range for this to work.
You can read Beer’s long description of how the hack worked Right here.
Updated, 9:44 PM ET: Apple comment added.