Security researchers discover a new iOS vulnerability “No iOS Zone” which lets hackers crash any iPhone or iPad within Wi-Fi range
Security researchers at security firm Skycure have discovered a new iOS vulnerability called “No iOS Zone’ which allows any would hacker to crash any iPhone/iPad or iPod Touch within the range of a Wi-Fi hotpost whether the user deliberately connects it or not.
The researchers presented the vulnerability at the RSA security conference in San Francisco today.
The bug affects iOS 8 and takes advantage of the bug in it by manipulating the SSL certificates sent to the iPhone or iPad and making them crash or putting them in a constant restart loop. The SSL certificates are used by all apps on iOS and the iOS itself the authenticate and run.
If you thought that not connecting to random Wi-Fi hotspots wont land you in trouble with the above vulnerability, the security researchers have combined the SSL certificate flaw with an older exploit called WiFiGate. After combining the two vulnerabilities, they found that iOS devices are pre-programmed by the carrier to automatically connect to certain networks. For example, AT&T customers will auto-connect to any network called ‘attwifi’. So there’s no way to prevent your phone from doing this other than turning the Wi-Fi completely off unless you are in a trusted zone.
The Skycure team during the presentation, created a Wi-Fi hotspot using the two vulnerabilities, which made any iPhone and iPad in the vicinity connect to it and crash or go into a bootloop. Once the iPhone or iPad homed in on to the corrupt Wi-Fi hotspot there is not possibility for the user to recover or to turn of the Wi-Fi because the iPhone/iPad is in a continuous bootloop.
Skycure said that they were working with Apple for a fix to the iOS operating system and they are not sure whether Apple’s latest version, iOS 8.3 may have fixed the issue, and till such time they havent disclosed the Proof of Concept.
They stated that iPhone and iPad users can avoid this vulnerability by using following ways :
- Users should disconnect from the bad Wi-Fi network or change their location in case they experience continuous crashing or rebooting.
- The latest iOS 8.3 update might have fixed a few of the mentioned threats–users are highly advised to upgrade to the latest version.
- In general, users should avoid connecting to any suspicious “FREE” Wi-Fi network.
You can actually remove the offending SSIDs from the carrier provided plist file. It’s a very straightforward process.