Researchers discover Wi-Fi bug that lets hackers get past lock code in iPhone 7

Researchers discover Wi-Fi bug that lets hackers get past lock code in iPhone 7

Researchers discover Wi-Fi bug that lets hackers get past lock code in iPhone 7

A group of researchers has discovered a Wi-fi bug that allows hackers to get past an iPhone’s lock screen and install apps without the knowledge of the user.

The researchers won a prize of $110,000 for discovering the bug and Apple will release a security patch soon to remove the Wi-Fi bug.

The said researchers demonstrated the presence of the Wi-Fi bug at the global Pwn2Own hacking contest in Tokyo which was not only attended by many well-meaning hacker but also representatives from Apple, Google, and Huawei. The contest has been designed to encourage hackers to identify zero-day security risks and ways to resolve them.

The research team, calling themselves the Tencent Keen Security Lab, succeeded in a contest that required them to target the Wu-Fi application on an iPhone 7 handset.

‘Tencent Keen Security Lab gets code exectution through a WiFi bug and escalates privileges to persist through a reboot. The four bugs used earn them a total of $110,000 and 11 Master of Pwn points,’ said the contest website.

The team also used two bugs to exploit the Safari browser, winning an additional $45,000 in the process. The vulnerabilities have been reported to Apple but their details will not be published for 90 days to allow Apple to build a fix in the meantime.

‘Once we verify the research presented is a true 0-day exploit, we immediately disclose the vulnerability to the vendor, who then has 90 days to release a fix. Representatives from Apple, Google, and Huawei are all here and able to ask questions of the researchers if needed.

‘At the end of the disclosure deadline, if a vendor is unresponsive or unable to provide a reasonable statement as to why the vulnerability is not fixed, the ZDI will publish a limited advisory including mitigation in an effort to enable the defensive community to protect users,’ the website said.

This is the second such Wi-Fi bug discovered in iPhones this year. Last month, security researchers uncovered several key management vulnerabilities in WPA2 security protocol that left all Wi-Fi devices, including iPhones, vulnerable to hackers. Apple said that security updates to patch the recent vulnerabilities are currently being tested and will be rolled out in the coming weeks.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”” /]