Google’s Project Zero cybersecurity researcher (and white-hat hacker) Ian Beer published an article in December of 2020 outlining how hackers can break into nearby iPhones to steal personal data. The exploit targets a weakness in Apple’s wireless connectivity protocol, Apple Wireless Direct Link (AWDL), requires no victim interaction, and results in complete control of an unpatched iPhone. In fairness to Apple, they have patched this vulnerability in iOS 13.1.1x and macOS 10.15.3x.
AWDL is a networking protocol that lets Apple devices (iPhones, iPads, Macs, and Apple Watches) form peer-to-peer networks for data sharing. Chances are that if you own an Apple device, you’re creating or connecting to these peer-to-peer networks many times a day without realizing it. AWDL is used in AirDrop file sharing, AirPlay music sharing, ‘Sidecar’ video display sharing, and even when answering a phone call on your Apple Watch. Even if you haven’t been using those features, but people nearby have, your device could have joined an AWDL network they were using without your knowledge. Beer left nothing to chance: he searched for and discovered another flaw in the AWDL protocol that allowed him to guarantee he could enable AWDL on any iPhone in less than 2 minutes and subsequently fully exploit the device.
Beer’s article concludes with a short video showing him stealing a photo from his phone using a hacking kit set up in the next room.
Wi-Fi involves connecting to a network. At home, you plug a Wi-Fi access point (router) into your modem, which creates your Wi-Fi network. The router broadcasts a network name and accepts clients on a particular channel. These password-protected Wi-Fi networks have encryption and other security measures in place to support user security. Apple’s AWDL doesn’t require users to be on the same password-protected network to establish a peer-to-peer connection. AWDL has no built-in encryption and lacks other basic security features, which is what makes this exploit possible.
Beer noted that with proper engineering and hardware, once AWDL is enabled, an entire exploit could run in a handful of seconds. Beer believes there are likely better techniques for getting AWDL enabled without using his brute-force attack. Importantly, this vulnerability is wormable: a device that has been exploited could then itself be used to exploit other devices it comes into contact with.
Beer reported this vulnerability months ago to Apple and it has already been patched. If you updated your iPhone in 2020, you’re safe from this hack. The following steps should always be taken by smartphone users to reduce chances of becoming a victim: