Just In: iOS Wi-Fi Bug Can Allow Attackers to Install Malware and Steal Data from iPhones [It’s Not KRACK]
It's security week over at Apple headquarters as the team is facing a number of issues to fix. After finally sending a patch for the KRACK security vulnerability that broke Wi-Fi encryption along with a flaw that enabled people to get into your photos from the lock screen, the company will have to deal with another iOS security vulnerability. It's to do with Wi-Fi, again.
At the Mobile Pwn2Own hacking contest in Tokyo, security researchers earned over $110,000 for exploiting vulnerabilities in iOS to execute code. Tencent's Keen Security Lab exploited four security bugs targeting Wi-Fi in iPhone 7. While the details are scarce at the moment since the bug hasn't been fixed, according to the event page, the Keen Security Lab managed to get code executed "through a WiFi bug" and then escalated "privileges to persist through a reboot."
Yep, sounds like a critical security flaw. "The phone connects to a Wi-Fi network and a malicious app is installed," Trend Micro said.
"Sensitive information can be exfiltrated from the targeted device."
It is unclear if the attacker needs to be in the same network and any other nuances also remain unavailable at the moment. What is clear is that the exploit works even on the latest iOS 11.1 that was delivered yesterday.
— Zero Day Initiative (@thezdi) November 1, 2017
The hack was a winner at the Mobile Pwn2Own contest, organized by Trend Micro's Zero Day Initiative.
Other bugs discovered in Safari, Galaxy S8, Mate9 Pro
Tencent Keen Security Lab also targeted Safari Browser on Apple's iPhone 7 using two bugs, one in the browser and one in a system service. The team managed to make an extra $45,000 and the hack was termed as the second winner of the event. Apart from these two, Keen Lab also earned $100,000 for targeting baseband on the Huawei Mate9 Pro.
Tencent's security researchers weren't the only ones earning huge bounties as researcher Richard Zhu ("fluorescence") targeted the Safari Browser on the iPhone 7 exploiting two bugs to make $25,000.
At the day one of Mobile Pwn2Own, researchers also exploited security vulnerabilities in Samsung Galaxy S8, however, iOS and Safari attacks were prevalent. In a statement to Forbes, Apple has said that it is aware of the issue and is working on a fix, which should be available soon. Tech companies get 90-days window to fix the vulnerabilities after which researchers publish some (or all) of the details of these exploits.