A Google hacker was able to weaponize the iPhone’s remote network to gain total access to the device, not only reading its contents but snooping through the camera and mic – six months ago. Users are only now finding out.
Ian Beer, a member of Google’s Project Zero hacking team, revealed on Monday that iPhones and other Apple devices could be remotely hijacked and turned into surveillance tools until May, when he said Apple patched the vulnerability. The hacker not only didn’t have to touch the device, but need not ever even see it.
Using the iPhone’s Apple Wireless Direct Link, an Apple-exclusive protocol that enables iOS devices to talk to each other in features like AirDrop and Sidecar, Beer was able to remotely hijack the iPhone.
From a distance, he was able to read messages, page through photos, download data, and even watch and listen to the user by activating the phone’s microphone and camera. Even if the user turned AWDL off, he was able to turn it back on.
Also on rt.com ‘Tracking must not be the rule’: Activist group files complaints against Apple over alleged breach of European privacy laws
While Beer’s hack took six months and he claims to have “no evidence that these issues were exploited in the wild,” he urged caution regarding the exploit, suggesting it was the wrong response to assume “no one will spend six months of their life just to hack my phone, I’m fine.”
Instead, [the response] should be: one person, working alone in their bedroom, was able to build a capability which would allow them to seriously compromise iPhone users they’d come into close contact with.
In a Project Zero blog post detailing the hack, Beer suggests that the use of directional antennas and other transmission-boosting technology could significantly expand the range of such an attack, and pointed out that while it had taken him six months to work through the vulnerability, he was just a single person, while there are entire companies and military divisions with teams of specialists who’d make short work of such a hack. (RT)
Whatsapp xəttimiz - 070 224 40 25