According to Forbes, Schou has since discovered that there is a way for bad actors to increase the damage caused by hacking to the point that restarting Wi-Fi requires a custom factory reset while the iPhone backup file is manually edited to delete the entries. that create problems. There had been concerns that the hack – officially known as a format string flaw – could be improved to do even more damage. The goal for bad actors is to use the attack to place malicious code on cell phones and even entire networks.

New iPhone Wi-Fi Hack Turns into More Dangerous Malicious Attack

Originally, iPhone users weren’t too worried because they had to be connected to a weirdly named Wi-Fi network to get hacked and, in truth, how many of us would connect to a Wi-Fi network? -Fi named “% p% s% s% s% s% n.” However, it is possible that the strange name of the Wi-Fi network could be converted into a legitimate and regular network nickname that could trick iPhone users into believing they are connecting to a legitimate Wi-Fi network. .

Amichai Shulman, CTO of wireless security specialist AirEye, said, “Our research team was able to construct the network name in a way that does not expose the user to strange characters, making it look like a name. existing and legitimate network. ” This is a big deal because without the flashing red light of a network named% p% s% s% s% s% s% n warning an iPhone user to stay away, it could easily sync with a malicious Wi-Fi network.

While malicious attackers can spoof legitimate hotspots used nationwide, iPhone owners won’t be able to tell if they’re connecting to a Wi-Fi network that helps them connect to the Internet, or connecting to a hacker trap that shuts down their Wi-Fi connection.

Shulman says, “Attack traffic can be sent over channels that are not used for corporate network traffic. Therefore, the attack goes undetected by network security solutions and leaves no trace in the investigation and networking logs.

Will Apple release a fix in the next version of iOS 14.7 currently in beta testing?

Amichai adds that Apple’s MacBooks could also be vulnerable, and formatting string faults can also be created for devices running Android, Windows, and Linux. “Airborne attacks are new and an unresolved threat vector. Given their stealthy nature, we are bound to see more attacks of this type,” said the technical director.

Apple really needs to end this quickly and the best way to do that would be to release a patch that stops this malicious hack directly. Apple has tested the beta of iOS 14.7 and it might not be too late to add the patch to the final version of iOS 14.7. Until this hack is permanently eliminated, you will need to be wary of Wi-Fi networks that you have never securely connected to before.

All Apple iPhone models running iOS 14 are considered at risk.

LEAVE A REPLY

Please enter your comment!
Please enter your name here