Apple hasn’t historically faced the same malware threats as Windows, mainly because it was simply used by fewer people. But now that mobile Apple products are everywhere, hackers are figuring out ways to attack the platform. Most of these are frightening only if it’s your credit card details in the hands of the Russian mafia; otherwise, business as usual. They’re just the same hacks as those used on Android devices. But there is an Apple-specific attack, based on a weakness in the iOS operating system, that could render whole areas iPhone-free.
Weakness in the system
In a way, the devilishness of this hack relies on iPhone users being a little bit unscrupulous themselves. Hackers configure a wireless router in a particular way and then use it to start an unprotected network. Once an iPhone or other Apple device connects to the network, it crashes, and from then on it will crash every time it’s restarted, without giving the user time to disconnect from the network. The only solution is to physically move away from the network’s range. Of course, you shouldn’t really be connecting to other people’s unrecognised wifi networks anyway, but who can honestly say they’ve never done it?
Security makes it worse
The hack utilises SSL certificates to force apps that use these certificates to crash. This is particularly ingenious, as Skycure CTO Yair Amit blogged, because ‘SSL is a security best practice, and is utilized in almost all apps in the Apple app store, [so] the attack surface is very wide.’
Hard to guard against
One solution would be to simply set your device not to connect automatically to unprotected networks. Should be pretty simple, right? Trouble is, your phone actually talks to wifi networks without necessarily connecting to them. That’s how it knows where they are and what they’re called. And when it does that, a vulnerability called WiFiGate means an attacker can force a mobile device to connect to an unprotected network automatically. Add these together and it would be possible for attackers to create a situation whereby all iOS devices in a certain area became unsueable regardless of how they were configured.
The good news…
…is that for now, there are no known exploits of this weakness. Somebody could make it impossible for you to use your iPhone until you physically move, but otherwise the actual damage to targets is minimal – for now. As far as anyone knows, this hack hasn’t been used to steal information or threaten any confidential data. How long that will hold true is obviously unknown, but Skycure says it’s working with Apple on a fix and advises iOS users to update to iOS 8.3, which offers more protection, as soon as possible.
Posted on: 05.15.15