[ad_1]
During the Bubonic Plague in the 16th century, William Shakespeare wrote King Lear. This year, enduring months of COVID-19 quarantine, I played at least 200 hours of Death Stranding, Breath of the wild, and Call of Duty: Warzone combined.
Meanwhile, Ian Beer, one of the best hackers on the planet, has found a way to hack and take full control of any nearby iPhone with what many in the security industry consider to be the one of the most awesome iPhone hacks ever.
“For 6 months of 2020, while I’m locked in a corner of my room surrounded by my adorable screaming kids, I’m working on my own magic spell,” Beer, who works for Google’s elite hacking team Project Zero, wrote in a blog post. “No, unfortunately not an incantation to convince children to sleep until 9 a.m. every morning, but rather a deworming radio-proximity feat that allows me to completely control any iPhone in my neighborhood. photos, read all emails, copy all private messages and monitor everything happening there in real time. “
Beer was able to develop a technique to send an exploit over WiFi that requires no user interaction, and does not even require the target to be connected to the Internet. In other words, if your iPhone was within range of someone with that capability, they could take it over without forcing you to click on a questionable link or something. Worse yet, Beer’s exploit could have been turned into a worm, meaning it could automatically spread to nearby iPhones, spread exponentially, much like – if you allow me the cringey metaphor – a cyber coronavirus.
Are you researching and developing exploits for iPhones, Android phones, or other software? We would love to hear from you. Using a non-professional phone or computer, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, on Wickr at lorenzofb, on the OTR chat at [email protected], or by email [email protected].
Chris Evans, the original Project Zero team leader, wrote: “There is something beautiful and spellbinding about watching all of these iPhones die at slightly different times, as they receive a bundle of death. in WiFi “.
And there is really, just watch the short video above, or a longer version below, that Beer made himself to show how his feat works.
Dan Goodin, one of the world’s most seasoned cybersecurity journalists, called it “one of the most mind-boggling iPhone vulnerabilities ever.”
The bugs Beer found to develop this exploit chain have all been fixed since iOS 13.5, released in May of this year. But as Beer wrote in her post, the takeaway here should be that “one person, working alone in her bedroom, was able to create an ability that would allow her to seriously compromise any iPhone users she would be in. close contact “.
As well as being spectacular, this vulnerability could actually have real-world applications. According to a cybersecurity expert it just goes through Ray Redacted, it is possible that “this exploit could be used to unlock like 90% of the phones currently in custody in police departments across the United States”, given that they carry out older versions of iOS that still run code containing the bugs that Beer found.
Of course, developing something like this takes time and incredible expertise. But Beer showed this with just a Raspberry Pi, out of the box WiFi adapters. which cost a total of $ 100, and a few lines of code, he could have hacked anyone a few feet away.
Beer challenged Apple, once again, to qualify the bugs it found for the company’s bug bounty. Beer wrote on Twitter that these bugs could have been worth $ 500,000 and that he would love Apple to donate the money to charity.
Congratulations to Beer on his future Pwnie Award.
[ad_2]
Source link