Have you always watched this movie or played this video game for a hacker who can immediately take over someone’s device without even touching it? These scenes are usually unrealistic. But the occasional real-life hack makes them downright believable – a hack like the one you can see examples of in the videos above and below.
Today, Google Project Zero security researcher Ian Beer revealed that until May, many Apple iPhones and other iOS devices were vulnerable to an incredible exploit that could allow attackers to restart remotely and take full control of their devices remotely ̵
How is such a thing even possible? Why should the iPhone even listen to a remote hacker attempt? According to Beer, this is because today’s iPhones, iPads, Macs and watches use a protocol called Apple Wireless Direct Link (AWDL) to create network networks for features like AirDrop (so you can easily transfer photos and files to other iOS devices. ) and Sidecar (for quickly turning the iPad into a secondary screen). Beer not only devised a way to use it, but also found a way to force AWDL to turn on, even if it had been stopped before.
While Beer says that “there is no evidence that these problems have been exploited in the wild” and admits that it took him six months to sniff, test and demonstrate this exploit – and although it has been patched since May – he suggests not to do so accept with ease the existence of such a hack:
The receivable from this project must not be: no one will spend six months of their life just hacking my phone, I’m fine.
Instead it should be: a man working alone in his bedroom was able to build an ability that would allow them to seriously compromise iPhone users with whom they have come into close contact.
Apple did not immediately respond to a request for comment, but the company quoted Beer in the change logs for several of its security updates from May 2020 that are related to the vulnerability.
You can read Beer’s extensive explanation of exactly how the hack worked here.