One of the biggest buyers of iOS zero-day exploits says the market is flooded with new iPhone bugs due to weakened security components in Safari and iMessage.
Zerodium, which pays $2 million for iOS exploits, recently announced it’s increasing its payout for Android exploits to $2.5 million. iOS used to be the most locked-down mobile operating system, but the company says Android’s security has improved with every new OS release while iOS has been slacking, leading to a glut of new exploits.
The iOS and macOS vulnerabilities revealed by the latest WikiLeaks data dump of CIA hacking tools have already been fixed.
Apple says that an early evaluation of the info released by WikiLeaks hasn’t found any new bugs or attacks that can be used on iPhone or Mac users. Some of the exploits contained in the leaks were able to grant access to an iPhone’s call logs and SMS conversations, but only if the CIA had physical access to the device.
The deadline for Zerodium’s iOS 9 bug bounty officially ended last month, and the company announced today that one team managed to claim the million-dollar prize by providing an improbable hack that allows attackers to remotely jailbreak the newest iPhone operating system.
It appears Apple’s arrogance is getting in the way of protecting its users from a long standing SMS exploit that could allow potential hackers to spoof a reply-to number, causing the recipient to think he/she is replying to a legitimate contact, when in reality, their information is being sent to the hackers designated address. As you can imagine, this is quite troublesome, yet Apple has brushed it away despite numerous pleas made by a well known iOS hacker (pod2g):
Setting up a passcode for your iOS device is one of the first steps you can take to keep your data safe. It prevents access to your device, blocking unauthorized user from accessing your personal data, photographs, contacts, messages, and anything else you have stored inside.
However, that passcode lock is useless when it comes up against a piece of software called XRY from the Swedish security firm Micros Systemation. With XRY, your personal data, call logs, GPS location data, contacts, and even keystrokes can all be extracted and decrypted in under ten minutes.
Despite a message posted to Twitter by Pod2g earlier this week, suggesting an untethered jailbreak for the iPhone 4S was less than a week away from public release, a new blog post detailing the iOS hacker’s process indicates the exploit could still be weeks away yet.
Pod2g has revealed that his new exploit requires a developer account to inject the necessary files to your device, and until he finds a way around this, the hack will not see a public release.
We told you a couple of hours ago about security guru Charlie Miller’s new iOS vulnerability that allows an approved App Store app to run unsigned code remotely. Miller has been hacking Apple’s products for years, and this most recent bug is a particularly nefarious exploit that could be used for all kinds of evil purposes.
Charlie Miller is one of the good guys, however, and he is planning to show his cards at the SysCan conference in Taiwan next week. The ends don’t always justify the means in this case, as Apple has now kicked Miller out of the App Store and iOS Developer Program.
When it comes to Mac hacking, there are few security experts more dangerous than Charlie Miller, who can hack a Mac in mere seconds. Luckily, Miller only uses his hacking powers for the forces of good, so his hacks often lead to more secure systems for you and me.
Let’s hope that’s the case for the latest vulnerability Miller identified for the iOS platform. He has discovered a huge bug in iOS that allows malicious devs to write innocuous looking apps that slip by the App Store review process, only to phone home to a remote computer and repurpose all of iOS’s normal functions for malicious ends.
