What was first a seemingly harmless WiFi bug now poses an actual threat for iPhone users. Experts have discovered the tangible threat and warned iPhone users that these malicious network names can be harder to distinguish from legitimate ones.
Find out how you can avoid the security risk and keep your data safe.
iPhone WiFi Hack
Last month, reports of an iPhone Wi-Fi Bug that disables network connection first appeared to be harmless although it did have the potential to be exploited by hackers or anyone with malicious intent.
Now, according to Forbes, the threat is very real. Based on a research done by mobile security specialist ZecOps, they discovered a serious “zero-click” flaw was silently patched in the iOS 14.4 update.
Exploiting the vulnerability can be applied to the recent iPhone WiFi hack.
What this means is it can easily transform from being a relatively harmless denial of service (DoS) threat, the kind that was reported last month, into local privilege escalation (LPE) and remote code execution (RCE) attacks that can basically let hackers get into your phone and do whatever they want with it and all its contents–all done remotely!
After joining my personal WiFi with the SSID “%p%s%s%s%s%n”, my iPhone permanently disabled it’s WiFi functionality. Neither rebooting nor changing SSID fixes it :~) pic.twitter.com/2eue90JFu3
— Carl Schou (@vm_call) June 18, 2021
“The recently disclosed ‘non-dangerous’ WiFi bug is potent,” warned Zuk Avraham, the CEO of ZecOps, per Forbes.
The attacker can infect an iPhone or iPad runnion iOS 14.3 or earlier without any interaction with an attacker, ZecOps explained. This is known as a zero-click attack.
For iPhone users running on the latest version of iOS (14.6), joining a malicious WiFi network can leave the device vulnerable. What’s alwarming is it is possible to construct a network name that does not expose the user to the weird characters that was described in earlier reports of the bug. This means even legitimate-looking or existing network names are actually malicious networks in disguise.
Apple has been working on a fix with their recent betas of iOS 14.7, said Forbes; however these attacks are new and,…