Recently there have been several flaws that were discovered by security experts that may represent an excellent opportunity for cybercriminals to perform a jailbreak and obtain information. This poses several possible dangers, especially if the users decide to take advantage of the ApplePay feature. The vulnerabilities were discovered by Zimperium and Jan Soucek, the researcher from Ernst and Young. Despite that there may be no records of these bugs actually being exploited, it is strongly advisable if you use an iPhone 6, Apple iWatch or iPad to update it as soon as possible.
The WatchOS MITM Bug
Il 1.0.1 version of WatchOS had some bugs initially. Tuttavia, one was very particular. It is called DoubleDirect and it gives the potential attacker the opportunity to perform MITM( Man In The Middle) attack which might be able to sabotage to some extent the connection between two users of the device. This may result in consequences, varying from monitoring data to possibly faking a conversation from one side, tricking the user by using social engineering. These can lead to a potential jailbreak of the device by cyber criminals. The problem was an ICMP redirect which might enable hackers to not only steal credentials, but also deliver other payloads to the device’s OS and assume control over it, as claimed by Zimperium in their report.
IOS Phishing Warning
There has been a bug discovered that could make the IOS mail application open to phishing attacks. Beware of any prompt pop-ups to type your password after you have already logged into your Apple account. These might turn out to be fake phishing pop-ups that collect your password, and if you have already typed it and you are not certain, it is highly recommended to change it. The phishing scam works by injecting a separate HTML content, and there is a possibility for an attacker to create a password collecting phishing attack. Infatti, according to Jan Soucek’s report, all that may be needed to be done to exploit this bug is:
- 1. Replacing the email address with the one that the attacker wants to use password collection in the file framework.php.
- 2. The uploading of the index.php , framework.php and mydata.txt to the attacker server.
- 3. The sending of HTML modified the code from e-mail.html to the subject.
This type of phishing exploit could be dangerous to most Apple users since it may be typical for such windows to appear from time to time. Since the users are used to them , they might consider the phishing window as something normal when prompted to type their passwords. Jan has also uploaded a video, where he creates a simulated attack to show how the attacker could grant access and possibly jailbreak the device.
Apple have taken measures to cope with the existence of potential attacks against their customers, by implementing longer and more sophisticated password codes for their latest IOS 9 versione. Secondly, they gave the user complete control over the device, by encrypting the phone content when the user locks it, and making it possible to unlock only by entering the 6 digit code, in case they are not using Touch ID.
Because the user could have more control now, caution should be taken when typing the password. The Apple users should also watch for fake messages from friends, and false prompting windows and if they spot them it is advisable to click on cancel immediately. It is also recommended to keep up with all of the updates provided by the tech giant to avoid jailbreaks.