A vulnerability that cannot be fixed has been found in hundreds of millions of iPhones
A new vulnerability has been discovered in hundreds of millions of iPhones, from the 4S model through the iPhone X. According to cybersecurity experts, the most dangerous feature of this bug is that it cannot be eliminated: the only way to get rid of it is to buy a new smartphone.
Hundreds of millions of iPhones, from the iPhone 4S (A5 chip) through the iPhone X (A11 chip), are exposed to a new vulnerability, reports The Verge. It was discovered by a cybersecurity expert known by the nickname axi0mX. He published a publicly available exploit called "checkm8," which allows hackers to access iOS devices at such a level that even Apple will not be able to influence the situation.
Reportedly, the vulnerability cannot be fixed by patching the device; only owners of devices released after the iPhone X are protected from it.
According to Avast senior software engineer Vojtěch Boček, checkm8 is indeed a very serious vulnerability. It exploits code that runs on iOS devices when they are turned on, and this gives access to all subsequent processes.
"In addition, the exploit cannot be fixed by updating existing devices, because the exploited code is in read-only memory.
The only 'fix' is to buy a new device, such as iPhone XS / XR or later.
There is good news: this exploit requires physical access to the device, so for most users, this vulnerability is not dangerous."
Moreover, the expert emphasized that criminals and government agencies now have a new tool at their disposal. By default, data on the iPhone is encrypted if the user uses some form of screen lock, such as a PIN code or fingerprint. On older devices that do not have the Secure Enclave (devices up to and including the iPhone 5c), this exploit can allow an attacker to create a tool that cracks the passcode by brute force, with no limit on the number of entry attempts.
"Using this vulnerability will allow attackers to break into devices much faster and easier than before. On newer devices, this is prevented by using Secure Enclave, which counts attempts to decrypt data and does not allow enumeration. In general, this exploit is mainly useful for people who want to have deeper access to their iOS devices, but can lead to new, more serious vulnerabilities," the source said.
As it turned out, checkm8 has a second side: the exploit can also be used for jailbreaking.
Jailbreaking is the procedure of hacking the iPhone firmware, which is legal but condemned by Apple, as it allows the user to install third-party programs on the device. According to the hacker Luca Todesco, who is one of the most famous jailbreakers, the new exploit is not yet a full-fledged jailbreak, but it can be developed into one.
"This vulnerability allows jailbreaking, i.e. expanding the rights of users of Apple devices, which is not officially supported by the manufacturer. For example, jailbreaks were previously used to install applications not from official sources. A new vulnerability could also allow the installation of older versions of the iOS operating system. Such a need arose for many who tried to update their devices and received a 'slowed down' or almost non-functioning OS."
However, keep in mind that after jailbreaking, returning to the original OS will be problematic and, more likely, even impossible.
Also, expanding these rights requires the user to be highly literate in information security, since the probability of accidentally installing malware increases in this case.
"Globally, the main problem that the new vulnerability leads to is that attackers can use it to unlock stolen Apple devices," the expert said.