Versions prior to the latest Apple OS version, the newborn iOS 9, are affected by a serious AirDrop Bug. The AirDrop Bug could be exploited by hackers to take full control of Apple iPhone or Mac machines.
The AirDrop Bug has been disclosed by the Australian security researcher Mark Dowd, AirDrop is a proprietary service that enables the transfer of documents among supported Macintosh computers and iOS devices.
AirDrop bug can be used to target people wirelessly in close proximity. Also useful for lock-screen bypass
— mdowd (@mdowd) 16 Settembre 2015
The AirDrop bug allows anyone within the range of an AirDrop user to silently install a malware on the targeted Apple device by sending an AirDrop file which causes rebooting of the target. The vulnerability affects iOS versions supporting the AirDrop from iOS 7 onwards, as well as Mac OS X versions from Yosemite onwards.
The principal problem for Apple users is that an attacker can exploit the AirDrop bug even if the victim rejects the incoming file sent over AirDrop.
After rebooting the device, the malware gains access to Springboard, the Apple’s software to manage iOS home screen, allowing the malicious app to masquerade the rights granted to the bogus application.
These rights include access to:
It is clear that by having access to the above features of the phone, the attacker can fully compromise the victim’s device.
Below a video PoC of the AirDrop bug exploitation published by Dowd, the video shows an attack on an iPhone running iOS 8.4.1.
The AirDrop bug has been fixed in the last iOS 9 that comes with a sandbox mechanism implemented by Apple that block attackers for writing files to arbitrary locations on the device via AirDrop service.
Waiting for a complete patch to fix the issue, Apple users urge to Update to iOS 9 and Mac OS X EI Capitan, which are in imminent outgoing.
(Security Affairs – Hacking, Apple Airdrop bug)