Apple iOS Zero-Click Vulnerability Aided By Raspberry Pi
Zero-Click, Zero Physical Contact
Our mobile devices never leave our side; they store our precious memories, passwords, and financial data. If a hacker has direct physical access to our device, then there is a risk to our data. In a recent blog post and video by Ian Beer, a researcher at Project Zero, Beer demonstrated that an iOS device that was not updated with a patch from earlier this year could be remotely hacked using a Raspberry Pi 4.
Ian Beer, a researcher at Project Zero (Google's zero-day vulnerability team), found the attack and published a full 30,000-word blog post covering the attack in great detail.
The attack uses a buffer overflow bug in AWDL, an Apple-proprietary mesh networking protocol designed to allow Apple devices like iPhones, iPads, Macs, and Apple Watches to form ad-hoc peer-to-peer mesh networks. As this protocol is part of the kernel, the core of the operating system, the attacker can access all aspects of the target device without the target's knowledge.
In a video demonstrating the exploit, Beer shows how he could remotely access an iPhone in another room using his laptop and a Raspberry Pi 4. By triggering AWDL over Bluetooth Low Energy (BLE) to advertise remote devices for connections, the Raspberry Pi 4 is then employed to brute force a connection.
At this time, Beer's project takes a few minutes to crack the connection, but with a little effort, it could be sped up. Treat this tale as a timely reminder to keep all of your devices updated and backed up.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Les Pounder is an associate editor at Tom's Hardware. He is a creative technologist and for seven years has created projects to educate and inspire minds both young and old. He has worked with the Raspberry Pi Foundation to write and deliver their teacher training program "Picademy".