Category Archives: Iphone

Many organizations are trying to hack iPhones. Even though hacking one is almost impossible, specialized hackers find loopholes.

Hack iPhones with AirDrop

Recently, a researcher from Google's IT security team exploited a security flaw that allowed him to hack iPhones through AirDrop.

The vulnerability discussed here concerns a protocol Apple uses to link devices running iOS for AirDrop. The Google researchers' discovery made it possible to access files on iPhones through this security flaw.


The professional behind this discovery is Ian Beer, a member of Google's Project Zero initiative, the team of cyber professionals tasked with tracking down security vulnerabilities in electronic devices. In reality, this is not a single security flaw in AirDrop but several vulnerabilities affecting AWDL (Apple Wireless Direct Link), a protocol Apple uses to create a mesh network for tasks such as AirDrop, which handles file sharing between Apple devices, and Sidecar, which handles screen sharing between the iPad and the Mac.

According to the Project Zero researcher, the flaw, properly exploited, can allow an attacker to read the emails and correspondence of iOS users. It would even be possible to take control of the camera, the microphone and the iPhone. But this is rare and difficult to put into practice. These are scenarios of the kind seen in television fiction.

In addition, it should be clarified that Apple has acknowledged the existence of these security vulnerabilities. According to the Cupertino firm, the vulnerabilities discussed here have already been resolved in recent versions of iOS.

The Google researcher claimed, in an interview with the online outlet The Verge, to have found a way to force AWDL back on even after the protocol has been manually shut down. According to him, there is "no evidence that these faults have been exploited in the wild." He also notes that discovering, verifying and exploiting these security vulnerabilities took him nearly 6 months of study. These are therefore discoveries that Apple should not overlook.

"The outcome of this experience should not be: no one will spend six months of their life hacking my phone, I'm fine. On the contrary, it should be: a person, working alone in his room, has been able to acquire a capacity that would allow him to seriously compromise the iPhone users with whom he is in contact," said Ian Beer.

Apple, for its part, considers that it has done enough to fix the security flaws. The U.S. company says it has repeatedly mentioned the names of Google researchers in its notes. The security patches have reportedly been deployed since May, and the majority of iPhone users have already migrated to new versions of iOS that are protected from the vulnerabilities described by the Google researcher. As if to mitigate the seriousness of Ian Beer's comments, the Cupertino firm says that for the attack he demonstrated to succeed, the attacker must be within Wi-Fi range of the target iPhones. This in a way makes such a hack difficult for an attacker to carry out.


StopCovid: the problem of iPhones

In a few days, the French government's mobile tracing application will be officially deployed.

StopCovid is supposed to support a rather laudable deconfinement plan. On Wednesday, May 27, the National Assembly, like several French state authorities, finally gave its consent to making the mobile tracking software publicly available. The tool is supposed to help control the spread of the virus. To do that, StopCovid will trace contamination by collecting information about the interactions between individuals. But first, it should be noted that the application does not geolocate its user. Everything works over Bluetooth, which has the merit of increasing the confidentiality of the information. When two individuals are within a perimeter of about 1 meter, their applications record the interaction. If one of these individuals subsequently tests positive for Covid-19, a notification is sent to the other, informing them of the contact and prompting them not only to isolate but also to get tested in turn. Identifications are anonymized, and everything works on the basis of pseudonyms. Perhaps one of the problems with the application is that it is based on volunteering. Information about a person's status can only be shared with their consent, even though the information is anonymized. Indeed, as stated by the President of the National Commission for Information Technology and Freedoms, Marie-Laure Denis, the application will have to obtain users' consent in advance on various points: "What data is used, by whom, with whom they are shared, for what purpose, for how long. It is important to ensure that there is no pre-checked box."

However, another problem remains: the use of the app on iPhones. When these smartphones running iOS are on standby, the app does not emit a Bluetooth signal. This prevents crossings with other smartphones in the same area from being detected. According to the secretary in charge, Cédric O, crossing detection should work in the majority of cases, but he acknowledges that it will not work 100%. The most common failures will be linked to iPhones because of a particular setting. Indeed, the manufacturer of iPhones, Apple, has set up its devices so that Bluetooth is automatically blocked when the app that activated it is no longer active, for example when the phone is put to sleep. Following tests, it was confirmed several times that the mobile tracking application no longer emits a signal a few minutes after the iPhone is locked. That's why the digital secretary said, "It doesn't work 100% of the time. Indeed, if two iPhones on standby intersect, the application does not work, but this is not a very common situation." But this limit is not insignificant. According to a study conducted by Fellow Kantar, French smartphone users are made up of 21% iPhone owners, 19% of which are owners of devices running Android. The team in charge of designing the application reportedly claimed to have found a way around the problem of the Bluetooth signal being turned off when the iPhone sleeps. "If an Android crosses an iPhone, it wakes it up," explain the experts in charge of the project. But the effectiveness of all this will depend on the smartphone model and the operating system version. "Maybe on some very old phones, maybe on some particular versions of iOS or Android that are not widely distributed among the French population, there is a lot to improve," Cédric O said at a hearing in the National Assembly on Tuesday. The Secretary of State states that according to the tests carried out: "We capture between 75 and 80 per cent of the people nearby, or less than a metre away."

In addition, the French government had asked the American firm to remove the protective barrier on Bluetooth to facilitate the operation of the tracing application. Unfortunately, true to itself, Apple simply refused the request. The pretext remains the same: the security and privacy of iPhone users.


Discovering security flaws on iOS doesn't make much money anymore

There are too many iPhone security vulnerabilities now.

Earlier this week, experts noted that many security vulnerabilities are present in iOS, which significantly lowers the value of vulnerabilities that could once cost a large amount of money.


The problem could well come from the Cupertino firm's readiness to offer security fixes within a reasonable time frame. Indeed, when a security flaw is exposed publicly, it means that the flaw has already been plugged by the manufacturer or publisher of the programs concerned. This usually happens when manufacturers and computer security researchers conduct tests and bug-finding programs during the year the tool is made available. When these vulnerabilities are discovered, the manufacturer or publisher is informed right away, often in exchange for financial consideration (more or less generous). This gives it a head start to prepare security patches that fill the gap.

However, the companies involved do not always react properly when a security flaw is discovered by an independent expert. This most often leads the latter to disclose it publicly, with the intention of either harming the company or notifying users of the service (because the flaw can cause huge problems for them). In some cases, companies are well informed but do not act quickly enough to produce the means necessary to close the security breach. This then makes it easier for hackers to use it to carry out their malicious actions. "Sometimes things don't happen that way. And without a reaction from the companies involved, security researchers occasionally put them in front of the fait accompli, pointing the spotlight at large security holes still open and inviting hackers somewhere to rush into them," says Mathieu Chartier.

In this dynamic of discovering and reporting flaws in exchange for payment, a particular group was born: people acting as wholesalers of security vulnerabilities. Their aim is to buy up, in bulk, the vulnerabilities discovered by independent researchers. They can then resell these purchased vulnerabilities either to manufacturers for a more substantial income, or to developers or publishers of computer security solutions. Zerodium is one of those security vulnerability wholesalers. Recently this company announced, in an official statement, news that will undoubtedly affect Apple's image. Indeed, the company specializing in the wholesale marketing of security vulnerabilities posted on its official Twitter page that it was suspending its purchases of vulnerabilities for Apple devices for a period of 2 to 3 months. The reason that could have pushed Zerodium to do so would be a very large number of security flaws in the Cupertino firm's devices.

Zerodium's top official, Chaouki Bekrar, noted that the rewards for security flaws discovered on devices running iOS, for example, have dropped sharply. Some vulnerabilities that are not critical enough will be demonetized, leading many people to think that the market for iOS vulnerabilities is about to disappear. The head of the wholesaler firm did not fail to point out that flaws discovered on Android smartphones are now much more expensive than those present on iOS. All eyes will then be on iOS 14, which is due out by the end of this year. Experts expect an improvement in the security of this new version of iOS. For a brand that is known for its security, Zerodium's announcement will certainly hurt. Increased security in iOS 14 would certainly be a way to revive the market for iOS vulnerabilities.


Unlocking an iPhone without Apple: the FBI won this bet

We remember the Cupertino giant's categorical refusal to comply with the FBI's request to unlock the 2 iPhones found after the attack on the Pensacola base in Florida, in the United States.

The attack killed 3 people and injured 8. The phones are believed to have belonged to the shooter. Despite Apple's position, the FBI recently announced that it had successfully unlocked one of the criminal's iPhones.


The information came out on Monday following a statement made at a press conference by Christopher Wray, the director of the U.S. Federal Police, and William Barr, the U.S. Attorney General. According to them, the FBI managed the feat of hacking an iPhone and accessing the contents of one of the phones of the perpetrator of the attack, Mohammed Saeed Alshamrani. Thanks to this feat by the specialists of the U.S. Federal Police, the authorities were able to obtain information shedding light on certain grey areas in their investigation. And according to this information, Mohammed Saeed Alshamrani is directly linked to Al Qaeda.

The U.S. authorities did not fail to point out that they succeeded without any assistance from the Cupertino firm. "We didn't get any help from Apple," Christopher Wray, the head of the federal police, noted emphatically. This comes despite the fact that the U.S. Attorney General had engaged in a tussle with the American digital giant in recent months, accusing it of refusing to participate in a criminal investigation, even though its assistance was substantial. Despite this, the U.S. authorities managed to unlock access that had been intentionally damaged by the criminal. As a result, they were able to discover that he had a complex relationship with Al Qaeda operatives located in the Arabian Peninsula. They were also able to find a will stored in the attacker's smartphone, a will that was published two months after the attack on the American base by the alleged leader of Al Qaeda in the Arabian Peninsula, when he claimed the attack on behalf of his organization. "The evidence we have been able to gather from the killer's devices shows that the Pensacola attack was in fact the brutal culmination of years of planning and preparation," the US Federal Police chief said.

It should be noted that this is one of the few times that authorities have been able to access the encrypted content of an iPhone. Since the devices in this case are iPhones 5 and 7, it is difficult to determine whether this could be repeated in the future and on other models of the American brand. This is what the head of the federal office points out when he says, "Unfortunately, the technique we have developed is not a solution to our overall problem." While the head of the U.S. Federal Police denies receiving outside help, some computer security experts have indicated that the FBI may have used Cellebrite, an Israeli company whose business is reportedly the development of hacking tools. The company did not wish to comment on the subject.

The Cupertino firm, for its part, is defending itself against the U.S. Attorney General's accusations. It believes it has accomplished what it had to accomplish within legal limits, such as providing iCloud backups, transaction data, account information… "The false statements made about our company are an excuse to weaken encryption and other security measures that protect millions of users and our national security. It is because we take our responsibility to national security so seriously that we do not believe in the creation of a backdoor, which will make every device vulnerable to malicious people who threaten our national security and the security of our customers' data," said Apple.

One wonders how long this tussle between the FBI and Apple will continue. It was not the first time and it will certainly not be the last.


Apple faces off against computer security researchers

The saga between Apple and the firm Corellium continues to take a more or less ugly turn, and this affects the entire sector.

The Cupertino firm would clearly like to back the start-up against the wall.


A few months ago, Apple filed a lawsuit against Corellium for making virtual machines running iOS available to computer security researchers, so that they can conduct tests on Apple's ecosystem without going through a jailbreak. For the American giant, this is clearly an infringement of its intellectual property, because it never consented to the development or deployment of such a tool. In a sense, we can say that Apple is totally within its rights. However, Cupertino's relentlessness against Corellium continues to cause a lot of misunderstanding and to worsen its poor relations with security professionals. This only feeds and reveals the resentment that has always existed towards Apple.

That's why the vast majority of IT security specialists have said that the Cupertino firm didn't really help them with their work. This is further highlighted by the fact that the Apple brand took a long time to set up a bug bounty program for its devices and systems. And even when it was introduced in 2016, the program was originally only available to a limited number of hand-picked hackers. It was only much later that the American firm finally gave in and let others participate in its program, long before many other companies of its caliber. This sudden turnaround has no other explanation than the appearance of security vulnerabilities on iPhones for some time. That was enough to push the American company not only to allow anyone to participate in its bug bounty programs from now on, but to do so with huge rewards.

But all this hasn't appeased the disgruntled, especially now that Apple has selected a limited number of security researchers to whom it has given jailbroken iPhones for their research, leaving other specialists to fend for themselves and forcing some to buy iPhones to unlock on the black market at often extreme prices. In such a context, the solution proposed by Corellium is timely and proves very practical as an alternative, because it saves much more time.

While the American giant pointed out in its complaint that its objective is not to obstruct computer security research in any way, its history with several researchers aggrieved by its behavior makes such statements hard to believe; they think it is only looking for excuses and is seeking, behind its complaint, to limit research on iOS. Apple also noted that it would not allow its operating system to be marketed fraudulently for any reason. On Twitter, MalwareTech wrote on the issue: "Apple wants to keep control over the research and the flaws that result from it. Its intention is probably to prevent researchers from selling loopholes to brokers."

In its defense, Corellium claims to have participated in several bug bounty programs launched by Apple. It was by using these virtualization technologies that it was able to report certain security flaws to the American giant. "Apple has never made any remarks about a possible intellectual property infringement," a legal document reads.

Obviously, Apple's legal action is bearing fruit. Indeed, the giant said the start-up was inciting people who used its software to sell the flaws to the highest bidders. To avoid reprisals from the American giant, many researchers prefer not to turn to Corellium and its solution.
