The security hole allows hackers to hack iPhone remotely, update iOS now

Hackers can exploit this vulnerability to remotely reboot or take full control of an iOS device (iPhone, iPad, ...).

If you've ever seen hacker movies, you should be familiar with the scene where a hacker can instantly take control of someone's device without touching them.

Of course, that is just a fictional detail that makes the film more engaging and dramatic. However, in a recent discovery, details that seem only in this movie can completely happen in reality.

The security hole allows hackers to hack iPhone remotely, update iOS now Picture 1The security hole allows hackers to hack iPhone remotely, update iOS now Picture 1

Security researcher Ian Beer. (Photo: The CyberWire)

According to The Verge, Ian Beer - a security researcher at Google Project Zero, has just revealed that, as of May 2020, a lot of iOS devices, including the iPhone, have a dangerous vulnerability.

Hackers can exploit this vulnerability to restart or take full control of a remote iOS device, including reading email or other messages on it; upload photos from victim's device; ability to eavesdrop on conversations through the phone's microphone, as well as peek through the camera on the iPhone.

The security hole allows hackers to hack iPhone remotely, update iOS now Picture 2The security hole allows hackers to hack iPhone remotely, update iOS now Picture 2

(Artwork: iLounge)

According to Beer, the vulnerability stems from a protocol called Apple Wireless Direct Link (abbreviation: AWDL) found on iPhones, iPads, Macs as well as Apple Watch.

In particular, the AWDL protocol is used to create a "Network Connection Model", supporting features such as AirDrop - allowing device owners to share photos or files to other iOS devices, or SideBar - Turn your iPad into a second monitor quickly.

The security hole allows hackers to hack iPhone remotely, update iOS now Picture 3The security hole allows hackers to hack iPhone remotely, update iOS now Picture 3

(Artwork: Jaap Arriens / NurPhoto / Getty Images)

The source said, security researcher Ian Beer not only figured out how to exploit the vulnerability, but he also figured out how to turn on AWDL even when the connection was disabled.

According to Ian Beer, "there is no evidence that this vulnerability has been exploited in real life", admitting that it took him 6 months to detect, validate and prove the vulnerability.

The security hole allows hackers to hack iPhone remotely, update iOS now Picture 4The security hole allows hackers to hack iPhone remotely, update iOS now Picture 4

(Artwork: Free Images)

The security researcher further revealed that this vulnerability was fixed in May 2020 on the iOS 13.5 update.

Apple also does not deny the existence of this vulnerability. Apple did mention it in May 2020 security updates, according to The Verge.

The security hole allows hackers to hack iPhone remotely, update iOS now Picture 5The security hole allows hackers to hack iPhone remotely, update iOS now Picture 5

(Artwork: Tomohiro Ohsumi / Getty Images)

According to Apple, most iOS users are using newer versions of iOS, which have already been fixed. In addition, hackers also need to be within Wi-Fi to be able to exploit this vulnerability.

4.5 ★ | 2 Vote