Researchers discover Wi-Fi bug that lets hackers get past lock code in iPhone 7

Researchers discover Wi-Fi bug that lets hackers get past lock code in iPhone 7

Researchers discover Wi-Fi bug that lets hackers get past lock code in iPhone 7

A group of researchers has discovered a Wi-fi bug that allows hackers to get past an iPhone’s lock screen and install apps without the knowledge of the user.

The researchers won a prize of $110,000 for discovering the bug and Apple will release a security patch soon to remove the Wi-Fi bug.

The said researchers demonstrated the presence of the Wi-Fi bug at the global Pwn2Own hacking contest in Tokyo which was not only attended by many well-meaning hacker but also representatives from Apple, Google, and Huawei. The contest has been designed to encourage hackers to identify zero-day security risks and ways to resolve them.

The research team, calling themselves the Tencent Keen Security Lab, succeeded in a contest that required them to target the Wu-Fi application on an iPhone 7 handset.

‘Tencent Keen Security Lab gets code exectution through a WiFi bug and escalates privileges to persist through a reboot. The four bugs used earn them a total of $110,000 and 11 Master of Pwn points,’ said the contest website.

The team also used two bugs to exploit the Safari browser, winning an additional $45,000 in the process. The vulnerabilities have been reported to Apple but their details will not be published for 90 days to allow Apple to build a fix in the meantime.

‘Once we verify the research presented is a true 0-day exploit, we immediately disclose the vulnerability to the vendor, who then has 90 days to release a fix. Representatives from Apple, Google, and Huawei are all here and able to ask questions of the researchers if needed.

‘At the end of the disclosure deadline, if a vendor is unresponsive or unable to provide a reasonable statement as to why the vulnerability is not fixed, the ZDI will publish a limited advisory including mitigation in an effort to enable the defensive community to protect users,’ the website said.

This is the second such Wi-Fi bug discovered in iPhones this year. Last month, security researchers uncovered several key management vulnerabilities in WPA2 security protocol that left all Wi-Fi devices, including iPhones, vulnerable to hackers. Apple said that security updates to patch the recent vulnerabilities are currently being tested and will be rolled out in the coming weeks.

Copyright Lyonsdown Limited 2021

Top Articles

No More Ransom initiative cut ransomware industry's profits by £850m

The No More Ransom initiative has helped more than six million people to recover their files in the aftermath of ransomware attacks

TikTok fined €750,000 for violating children’s privacy

The Dutch Data Protection Authority has imposed a fine of €750,000 on TikTok for violating the privacy of young Dutch users. TikTok provided their privacy statement in English rather than…

New Zealand accuses China of sponsoring a range of malicious cyber attacks

New Zealand has accused China of sponsoring malicious cyber activity carried out by a nation state actor known as APT40.

Related Articles

[s2Member-Login login_redirect=”” /]