Lockdown was a long slogan during the epidemic, but a few great winter discoveries have been made as a result. Some YouTubers created a light bar that shatters through steel, and a 12-year-old physicist created nuclear fusion in his parents’ playroom – obviously, cross-stitching wasn’t enough for some people. But in a bit of a twist, a member of Google-backed hacking team Project Zero has created a homemade antenna that can be spotted on the iPhone to take full control of them instantly.
Google security researcher Ian Beer can connect to devices via Wi-Fi and control phones remotely, the iPhone uses about $100 of iOS software and readily available tools. This reputation comes as no surprise to those skilled in cybersecurity, who considers Beer to be the best hacker in the world.
Requiring the closest proximity to the target device, the exploit uses the weakness of single memory corruption to execute commands remotely in the memory of the main components of the device.
In a blog post about how he uses it to access devices and how he uses it, Beer explains that taking from his work is quite disturbing. States Beer, one person, someone was able to create a skill working alone in their bedroom that allows them to seriously compromise with their iPhone users if they want to communicate more closely.” There is some good news, now some may be intimidated by the security of their data and their phones.
If your iPhone is last updated to iOS 13.5 this particular exploit has not been patched and so make sure to keep regular software updates on your smartphone to keep any brand-safe at all times. Beer further explained that he had never seen this exploit used before his discovery, so there should be very little concern about the breach as it affects your data.
Many smartphones are not updated regularly as marked by Ray Redacted on Twitter and it can be exploited like this. Phones confiscated from detainees are an example and Ray Redacted mentions that exploitation could put a large number of phones in custody at risk.
Visit Beer’s impressive write-up here, if you are looking for exactly how the hacking device works. The exploitation took 6 months to create and although the end result was easy, the process of getting there took quite a bit of initiative.
Bear has now called on Apple to verify the bug, which involved a $500,000 reward offered by the company for finding “network attacks require no user interaction.” Bear said the money should be donated to charity, should be verified by Apple.
