Thursday, March 28, 2024

iOS Trustjacking -Dangerous iOS Vulnerability to Hack iPhones & Gain Complete Control Remotely by Attackers

New Vulnerability called “iOS Trustjacking” discovered in the iOS device that allows an attacker to control the Vulnerable device remotely and perform various malicious activities.

An iOS Trustjacking exploits the vulnerability that presented in iTunes Wi-Fi sync which enables the attack to gain the remote access without any user interaction and gain persistent control to the victim’s device without any physical Interaction.

“iTunes Wi-Fi sync” is one of the useful future that allows iOS devices to be synced with iTunes without having to physically connect the iOS device to the computer.

Previously discovered a related vulnerability and Attac such as juice jacking (new computer didn’t require any authorization that leads to install malware),  Videojacking,(HDMI connection and get a screen recording of iOS devices) required users physical interaction to perform various malicious activities.

In this case,  Trustjacking vulnerability also even more continuous persistence with the vulnerable iOS device and stay connected to the compromised device even after the device disconnected with malicious hardware.

How does this iOS Trustjacking vulnerability works

iTunes Wi-Fi sync helps to communicate with the device without any physical connection and the user requires to syncing the iOS device with iTunes first by connecting to a computer with a cable in order to achieve this future.(sync with the iOS device over Wi-Fi.)

if the user needs to access the new computer with their iOS device, it is asked to make this connection as a trust connection or not and once user allows it then it accesses iOS device via the standard iTunes APIs.

According to Symantec’s RSA Conference presentation, This allows the computer to access the photos on the device, perform a backup, install applications and much more, without requiring another confirmation from the user and without any noticeable indication.

At the same time, This iOS Trustjacking could activate the  “iTunes Wi-Fi sync” feature which allows continuing the existing connection with the device even after the communication disconnected from the computer as long as the iOS device is connected to the same network.

so the attacker needs to take two steps:
  • Allow the device to connect to iTunes
  • Enable iTunes Wi-Fi sync

Interesting this is to enable “iTunes Wi-Fi sync” does not require the victim’s approval and can be conducted purely from the computer side.

So Attacker can possibility can easily take screenshots and display or recording them remotely also an attacker is able to get access to a lot of private information such as Photos, SMS / iMessage chats history, App data Etc..

According to the researcher, These steps can be automated by malicious software. They interestingly do not require any additional approval from the victim and don’t trigger any indication on the device that something is happening.

“In order to be able to view the victim’s device screen, the attacker needs to install the developer image suitable for the victim’s device iOS version; then, he can take screenshots repeatedly and view the device’s screen in near real time. Installing the developer image can be conducted over Wi-Fi and does not require regaining physical access to the device. “

Website

Latest articles

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user...

ZENHAMMER – First Rowhammer Attack Impacting Zen-based AMD Platforms

Despite AMD's growing market share with Zen CPUs, Rowhammer attacks were absent due to...

Airbus to Acquire INFODAS to Strengthen its Cybersecurity Portfolio

Airbus Defence and Space plans to acquire INFODAS, a leading cybersecurity and IT solutions...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles