Apple iPhone under threat from this bug that allows hacking; here’s how to stop it - step by step guide
This Apple iPhone bug allows miscreants to hack your phone remotely. Here’s how to keep your iPhone safe.
Apple iPhones are widely considered as being bug free and amongst the most secure of mobile devices when it comes to security and privacy. However, that is not really the case, considering some recent developments. Just like any kind of technology, bugs have been discovered in the operating system that could compromise a user's security. A recently discovered iPhone bug could cause users to lose their WiFi connectivity. Now, it has been revealed that this iPhone bug is even more dangerous. This bug can reportedly, allow hackers to execute code remotely on the device without any user interaction at all.
We had reported last month that a researcher had discovered a bug on his iPhone that would disable the device's Wi-Fi connectivity if it tried to connect to a Wi-Fi network with a specific character (%) in the network name, or SSID. At the time, the researcher had stated the only way to regain Wi-Fi connectivity was to reset the device's network settings. Now check the new development and how dangerous this iPhone bug really is.
Meet WiFiDemon: iOS WiFi RCE 0-Day Vulnerability & a 'Zero-Click' Vulnerability That was Silently Patched https://t.co/RCmEsyOSEy— ZecOps (@ZecOps) July 17, 2021
Also read: Looking for a smartphone? Check Mobile Finder here.
Security firm discovers new attack
This bug that reportedly affects iPhone devices all the way up to iOS 14.6, has the potential to allow remote code execution on the device. That means that malicious users could use the bug to run arbitrary code on the user's device, without the user interacting with the device at all. Earlier it was thought that the network reset technique is merely an annoyance for users, but researchers at security firm ZecOps have discovered that the Wi-Fi bug is far more dangerous than previously thought.
How does the WiFiDemon bug affect users iPhones?
According to the firm, which has dubbed the attack WiFiDemon, the attacker could set up a series of hotspots with the name “%a” which is used to run commands in the Objective C programming language. This could be used to take advantage of a weakness in the Wi-Fi system that handles the wireless connections, according to the researchers. You can read the detailed process of how the researchers managed to demonstrate the vulnerability on their blog.
How to stay safe from the Wi-FiDemon bug
Users must first update to the latest version of iOS 14.6 to reduce the risk of being affected by the zero-click vulnerability. They can also stay safe by disabling the Auto Join feature on their iPhone, which is turned on by default. It can be found under Settings > WiFi > Auto-Join Hotspot > (set to) Never. In order to stay safe, users can also make sure their Wi-Fi is turned off in untrusted environments and not to connect to unknown networks, especially those that have the % character in the network name.