At the recent Black Hat USA conference there was likely more new features shown on the iPhone than what we will see with the arrival of the iPhone 6. The problem is, the features aren’t really new, and they’re not features that users want. The Black Hat USA conference is an annual meeting held in Las Vegas for IT professionals, law enforcement, and white hat hackers, to discuss happenings in IT security. In in a presentation called “Exploit unpatched iOS vulnerabilities for fun and profit” demonstrators showed things that I believe are a bit more important than a larger screen on the next iPhone.
As iPhonians are scouring the internet trying to find the next rumored type of glass that Apple will be using, let’s look at a couple of these exploits that were shown off.
How about an exploit that sounds like it should actually belong on android? The presenters showed a method which could get around the Apple App Store’s review process. By doing so, they were able to successfully publish a malware app to the App Store and then use the app to launch attacks on test devices. All while the app was ‘safely’ within the iOS sandbox.
And even more exciting, how about an exploit that uses the poor wall-hugger’s chargers against them? Well, it wouldn’t be their charger. But a charger that was made for a purpose. A charger that looks like any other iPhone charger, but that has a special surprise inside. The surprise is that once attached, the charger installs malware on the phone. Now this could be especially fun. We know that in our world, we see random iPhone chargers hanging our of plugs nearly everywhere. At our jobs, at friends homes, even sometimes in public places like malls and airports. And iPhone users, always needing a charge, are always willing to plug their phone in when they see one. I imagine this would be a very easy way for hackers to get their malware on users iPhones.
And also, there is fun to be had for those iPhone users that have Window’s computers. Once connecting the iProduct to an infected computer, by utilizing a number of iOS vulnerabilities, the user’s iPhones and iPads can be utilized to attack other users, send spam, and any number of fun things!
Be sure and let our iFriends know, they don’t need to wait until September, or October, or whenever Apple is finally able to release their new phone. New features are being found daily on the iPhone. Features they may not want, but a certain group of malicious hackers out there love these features.
source: GFI Blog