A new vulnerability has been discovered that affects hundreds of millions of iPhones, from the iPhone 4S to the iPhone X.
According to cybersecurity experts, the most dangerous feature of this bug is that it cannot be patched: the only way to get rid of it is to buy a new smartphone.
EPIC JAILBREAK: Introducing checkm8 (read “checkmate”), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG
— axi0mX (@axi0mX) 27 September 2019
It is reported that the device cannot be patched to fix the vulnerability; only owners of devices released after the iPhone X are protected from it.
According to Avast Senior Software Engineer Vojtěch Boček, this is a genuinely serious vulnerability. It targets the bootrom, the very first code that runs when an iOS device is powered on, and therefore gives access to every process that runs after it.
“In addition, the exploit cannot be fixed by an update on existing devices because the affected code resides in read-only memory.
The only “fix” is to buy a new device, such as the iPhone XS/XR or newer.
The good news is that this exploit requires physical access to the device, so for most users, this vulnerability is not dangerous.”
At the same time, the expert stressed that criminals and government agencies have gained a new tool. By default, data on an iPhone is encrypted if the user has set some form of screen lock, such as a PIN or fingerprint. On older devices without a Secure Enclave (those released up to and including the iPhone 5c), this exploit could allow an attacker with the device in hand to build a tool that brute-forces the passcode, since nothing limits the number of attempts.
“Using this vulnerability will allow attackers to hack devices much faster and easier than before. On newer devices, this is prevented by Secure Enclave, which counts data decryption attempts and does not allow overreach. In general, this exploit is mainly useful for people who want to have deeper access to their devices on iOS, but can lead to new, more serious vulnerabilities,” the source concluded.
As it turns out, checkm8 has another side to it: the exploit can also be used for jailbreaking.
Jailbreaking is the process of modifying the iPhone's firmware; it is legal, but Apple condemns it because it lets the user install third-party software on the device. According to hacker Luca Todesco, one of the most well-known jailbreakers, the new exploit is not yet a full-fledged jailbreak, but it can be developed into one.
However, bear in mind that after a jailbreak, returning to the original OS will be difficult and, more likely, impossible.
Jailbreaking also requires the user to be well versed in information security, since it increases the likelihood of accidentally installing malware.
“Globally, the main problem with the new vulnerability is that attackers can use it to unlock stolen Apple devices,” the expert said.