Google Project Zero hackers are at it again! They have just made public a remote WiFi exploit for iOS 10. Here’s how it works.
iPhone 7 can be hacked remotely over WiFi
A hacker from Google Project Zero has just released an exploit for Broadcom’s WiFi BCM4355C0 SoC (system-on-a-chip) present in the iPhone 7.
This means any rogue router can hack into the iPhone 7 remotely over WiFi, provided the device connects to it.
WiFi chips can handle several WiFi-related events without “falling back” to the device’s host operating system.
These chips are also present in other smartphones such as the Samsung Galaxy Edge S7, but unlike the iPhone 7, that device doesn’t have a publicly available exploit.
Here’s a brief explanation of how it works.
- Hacker scans for a vulnerable iPhone or any other device that is trying to connect to a WiFi network.
- Hacker spoofs that particular network.
- The device erroneously connects to the rogue network.
- Hacker executes the exploit on the target device and gains read/write access.
The exploit was originally tested on iOS 10.2 firmware. However, it should work up to iOS 10.3.3, which is the latest version of the iOS 10 series.
Can this lead to a jailbreak?
While this cannot lead to a jailbreak on its own, it does allow Read/Write access. This exploit has been patched in iOS 11, so iOS 10.3.3 is the only option that remains.
The backdoor created persists even after you reboot your iPhone. Therefore, it is considered extremely powerful because of its untethered nature.
Time is certainly running out for an iOS 10.3.3 jailbreak. Hopefully, a skilled hacker will utilize it to develop a jailbreak tool for iOS 10.3.3 firmware.
What do you think – will this lead to a jailbreak? Let us know your thoughts and opinions in the comments section below.