White hat hacker Ian Beer on 1/12/2020 disclosed details about new vulnerability “wormable” iOS bug that can control on any iphone remotely using Wi-Fi.
Using this exploit hacker can download photos, copy private messages and monitor remotely over the mobile phone.
The Zero – click exploit
Security researcher developed multiple exploits to understand the flaw, where he built wormable radio proximity exploit that allow hacker to gain control over iphone 11 pro, where he deployed the exploit using laptop, raspberry pi and some off the shelf wifi adapter to achieve arbitrary kernel memory read and write remotely, to inject the shellcode payloads into the kernel memory using victim process.
Buffer Overflow Bug:
Security researcher Beer exploited buffer overflow bug which is present in driver of AWDL, which is an apple native mesh networking protocol used to enable features like airdrop and airplay. Which has capability to give complete remote access to hackers. AWDL will get executed on remotely on locked device as well.
Proof of concept: https://github.com/synacktiv/CVE-2020-27950
Demo Video of Denial of Service Attack: https://www.youtube.com/watch?v=ikZTNSmbh00
You may also like
-
Dhaka Police arrests Turkish ATM hacker six months after escaping from Agartala
-
What is phishing?
-
Zloader Banking a new Malware attack can be bypass Microsoft Signature Verification.
-
Remote hacking is possible for Garrett walk-through metal detectors.
-
Code Signing Certificates are being used by new BLISTER malware to avoid detection.