This zero-click iOS exploit could let hackers hijack your iPhone

A Google Project Zero researcher has discovered an iOS exploit that allows a threat actor to remotely take over an individual’s iPhone. The vulnerability, which has now been patched, put sensitive corporate information stored on business smartphones at risk, as well as a substantial amount of personal data too.

The vulnerability enabled hackers to remotely take control of some iPhone and other iOS devices, allowing them to read messages, view images – essentially, monitor everything taking place – as long as the device was in relatively close proximity.

The exploit, which is explained in painstaking detail here, was discovered by Project Zero researcher Ian Beer by taking advantage of the Apple Wireless Direct Link protocol used to create mesh networks for features like AirDrop and Sidecar.

Check out our roundup of the best antivirus software
We've put together a list of the best malware removal software
Also check out our roundup of the best ransomware protection

“In this demo, I remotely trigger an unauthenticated kernel memory corruption vulnerability which causes all iOS devices in radio-proximity to reboot, with no user interaction,” Beer explained. “Over the next 30,000 words, I'll cover the entire process to go from this basic demo to successfully exploiting this vulnerability in order to run arbitrary code on any nearby iOS device and steal all the user data.”

Taking remote control

Admittedly, it did take Beer six months to exploit the iPhone flaw, but the researcher argues that this shouldn’t give Apple, or any iPhone owners, much cause for comfort.

Plenty of other threat actors will have greater resources and knowledge at their disposal, potentially enabling a faster turnaround. He also theorizes that directional antennas and higher transmission powers could greatly increase the viable range of such attacks.

Apple security updates released earlier this year have now patched the vulnerability in question and users of most recent iOS releases will be protected.

However, although there is no evidence that this iPhone flaw was ever exploited in the wild, the discovery is still a worrying development – particularly for Apple, which prides itself on its security credentials.