iOS 8 bug allows hackers to crash iPhones over Wi-Fi

Researchers have proven that it’s possible for attackers to crash any iPhone or iPad over Wi-Fi, thanks to a bug in iOS 8. In some cases, devices can be forced into a boot-loop, rendering them unusable.

The vulnerability was demonstrated at the RSA security conference in San Francisco this week by security research firm Skycure. Dubbed “No iOS Zone,” the hack can be carried out on almost any iOS device running iOS 8, but iPhones are more vulnerable.

The attack is carried out by manipulating SSL certificates — which are used by virtually every iOS app — and then sending them to an iPhone or iPad over Wi-Fi. And in some cases, only disabling Wi-Fi on your device can avoid it.

You’d think that as long as you didn’t connect to untrusted Wi-Fi networks, you would be okay. But the problem is, most iPhones are programmed to connect to certain hotspots automatically.

For instance, devices connected to AT&T will automatically connect to hotspots named “attwifi,” and unless you disable Wi-Fi on your device, there’s no way to prevent that.

Attackers could therefore easily set up a hotspot with the right name in a busy coffee shop, and there would be no shortage of devices connecting to it without their owners’ knowledge.

“Anyone can take any router and create a Wi-Fi hotspot that forces you to connect to their network, and then manipulate the traffic to cause apps and the operating system to crash,” Skycure told attendees at RSA.

“There is nothing you can do about it other than physically running away from the attackers. This is not a denial-of-service where you can’t use your Wi-Fi – this is a denial-of-service so you can’t use your device even in offline mode.”

The good news is, the worst thing the attackers can do is force your device into a boot-loop. They cannot gain access to your device or steal your data using this hack, so it’s really nothing more than a hugely annoying prank.

But Skycure points out that it could cause major disruption in sensitive locations, like political events, or places like Wall Street. Fortunately, the company has no plans to make the intricacies of the attack public, so there is no how-to guide for attackers.

What’s more, Skycure is working with Apple to address the issue, and says the Cupertino company has responded quickly to it. That should mean we’ll see a fix in an iOS update very soon.

[via Gizmodo]