A Google security researcher has successfully exploited flaws in the protocol that Apple uses for AirDrop in particular. The result: access to files from iPhones and other iOS devices, and hacking possibilities worthy of the best works of fiction.
The discovery comes from Ian Beer, a security researcher working with the Google Project Zero initiative, and it is thrilling. Several flaws identified in the AWDL (Apple Wireless Direct Link) protocol, used to create a mesh network for certain features such as AirDrop (file sharing between Apple devices) or Sidecar (screen sharing between a Mac and an iPad) could be used to take control of an iPhone remotely. As Ian Beer demonstrates in two videos (available below), file theft was possible, but that’s not all.
The security researcher indicates that it was also possible to read emails and messages, and even to spy on the user by taking control of the microphones and cameras of the iPhone. A relatively rare case, but which is reminiscent of certain works of fiction such as the series Mr. Robot or video games Watch Dogs.
Flaws admitted by Apple, but already filled in the latest versions of iOS
As specified The Verge, the researcher was also able to find a way to force the activation of the AWDL protocol when the latter had previously been manually switched off. Ian Beer nevertheless specified that he had not found ” no evidence that these loopholes have been exploited in nature“. He also explains that it took him 6 months to identify and verify these flaws, then demonstrate that they were exploitable, but specifies that if the use of these flaws was complicated, his discoveries should not be taken lightly. .
« The outcome of this experience shouldn’t be: No one will spend six months of their life hacking my phone, I’m fine. On the contrary, it should be: a person, working alone in his room, was able to acquire a capacity that would allow him to seriously compromise the iPhone users with whom he is in contact.», He indicated.
Contacted byThe Verge, Apple has acknowledged the presence of these flaws in older versions of iOS and said it has repeatedly cited Ian Beer in the release notes for security updates released in May. The group nevertheless indicates that at present, the majority of iPhone users have already switched to the latest versions of iOS, which are no longer exposed to these vulnerabilities. Apple finally indicates that the attacks demonstrated by Ian Beer required to be within Wi-Fi range of the targeted iPhones. This nevertheless reduces the field of possibilities a little for a hacker.