iPhone/iPad running on iOS 8.x can be taken over by hackers using Airdrop and other vulnerabilitiesProof-of-Concept videoMitigation
The attack allows a potential hacker to install malicious apps on iPhones and Macs via their Bluetooth-enabled Airdrop filesharing feature. Anyone in range of a target device with the feature enabled could plant malware on the phone or PC, even if the victim didn’t tap “accept” for the offered file. Dowd said that Apple had patched the vulnerability in its latest OS release, iOS 9 and has advised all iPhone/iPad owner to update their devices to iOS 9 immediately.
Proof-of-Concept video
Dowd’s PoC takes advantage of not only the Airdrop bug in iOS but also a vulnerability that allows corporations to install their own custom apps on Apple’s otherwise tightly restricted operating system. The hacker can use this very vulnerability to install any unapproved and malicious App after sending it through the Airdrop filesharing feature. Dowd’s PoC works on iPhones/iPads that havent been jailbroken and can even disable the pop-up prompt that iPhone owner whether he/she trusts the program’s author. After gaining access, the attacker would then wait until iPhone next rebooted and begin implanting malware. Dowd says that a potential hacker could silently scout for iPhone users with Airdrop enabled within Bluetooth range—say, in a crowded place like a train or mall—and start planting malicious programs on their phones or Macbooks. An attacker who got hands-on time with the victim’s iPhone could alternatively use the attack as a lockscreen bypass.
Mitigation
Dowd stated that Apple has already released a security update for both the Macbook and iPhone and those users who have updated to the latest version (iOS 9) are safe from the attack. However those iPhone users who dont want to upgrade their devices should alternatively disable Airdrop or their computer’s Bluetooth feature altogether. They also need to disable the access Control Center from the phone’s lockscreen.
