Researchers discover Wi-Fi bug that lets hackers get past lock code in iPhone 7

Researchers discover Wi-Fi bug that lets hackers get past lock code in iPhone 7

Researchers discover Wi-Fi bug that lets hackers get past lock code in iPhone 7

A group of researchers has discovered a Wi-fi bug that allows hackers to get past an iPhone's lock screen and install apps without the knowledge of the user.

The researchers won a prize of $110,000 for discovering the bug and Apple will release a security patch soon to remove the Wi-Fi bug.

The said researchers demonstrated the presence of the Wi-Fi bug at the global Pwn2Own hacking contest in Tokyo which was not only attended by many well-meaning hacker but also representatives from Apple, Google, and Huawei. The contest has been designed to encourage hackers to identify zero-day security risks and ways to resolve them.

The research team, calling themselves the Tencent Keen Security Lab, succeeded in a contest that required them to target the Wu-Fi application on an iPhone 7 handset.

'Tencent Keen Security Lab gets code exectution through a WiFi bug and escalates privileges to persist through a reboot. The four bugs used earn them a total of $110,000 and 11 Master of Pwn points,' said the contest website.

The team also used two bugs to exploit the Safari browser, winning an additional $45,000 in the process. The vulnerabilities have been reported to Apple but their details will not be published for 90 days to allow Apple to build a fix in the meantime.

'Once we verify the research presented is a true 0-day exploit, we immediately disclose the vulnerability to the vendor, who then has 90 days to release a fix. Representatives from Apple, Google, and Huawei are all here and able to ask questions of the researchers if needed.

'At the end of the disclosure deadline, if a vendor is unresponsive or unable to provide a reasonable statement as to why the vulnerability is not fixed, the ZDI will publish a limited advisory including mitigation in an effort to enable the defensive community to protect users,' the website said.

This is the second such Wi-Fi bug discovered in iPhones this year. Last month, security researchers uncovered several key management vulnerabilities in WPA2 security protocol that left all Wi-Fi devices, including iPhones, vulnerable to hackers. Apple said that security updates to patch the recent vulnerabilities are currently being tested and will be rolled out in the coming weeks.

Copyright Lyonsdown Limited 2021

Top Articles

Clubhouse data leak: Data of 1.3m users dumped on a hacker forum

An SQL database containing records of 1.3 million Clubhouse users has been leaked for free on a popular hacker forum.

Iran terms Israeli cyber attack on nuke facility as "nuclear terrorism"

A rumoured cyber attack carried out by Mossad, Israel's official spy agency, destroyed legacy IR-1 centrifuges at Iran's underground nuclear facility located in Natanz.

The Hunt for Red Insider

The analogy to The Hunt For Red October is not far removed from the common reality of cybersecurity.

Related Articles