Skycure uses Wi-Fi to kill iPhones and iPads
A newly revealed iOS bug allows anti-Apple attackers to force iPhones and iPads into restart loops through repeatedly crashing and rebooting the operating system, using nothing but a Wi-Fi network.
Once the user has entered what its discoverer, Skycure, dubs the no iOS Zone, there’s no way to fix their phone short of running out of the naughty network’s range or suffer a constant reboot cyle.
The basis of the attack uses what Skycure call a “specially crafted SSL certificate” which is generally used to ensure a secure connection but, in this case, instead triggers a bug in the operating system that crashes any app using SSL.
According to the researchers:
As SSL is a security best practice and is utilised in almost all apps in the Apple app store, the attack surface is very wide. We knew that any delay in patching the vulnerability could lead to a serious business impact: an organised denial of service (DoS) attack can lead to big losses.”
As well as crashing individual apps the bug can be used to crash the underlying operating system altogether.
With heavy use of devices exposed to the vulnerability, the operating system crashes as well. Even worse, under certain conditions, we managed to get devices into a repeatable reboot cycle, rendering them useless.”
What is really painful is that, even if you figure out what is happening to your iOS device you won’t be able to disconnect from the Wi-Fi source as your phone or tablet flips out.
When this is partnered with with an earlier vulnerability, named Wi-Figate, which lets attackers force a device to automatically connect to a given Wi-Fi network, Skycure warns that an attack could be crafted which would deny service to any iOS device in a given area.
The researchers say they have warned Apple of the error and are avoiding releasing more technical details about the hack until after Apple has issued a fix.
As Skycure points out:
Think about the impact of launching such an attack on Wall Street, or maybe at the world’s busiest airports, or at large utility plants. The results would be catastrophic.”
Check out the video showing an iPhone trapped in its own little pit of rebooting hell: