Android Stagefright-like attack for iPhone: all it takes is a specially crafted message to hack your iPhone
If you remember the Stagefright vulnerability in Android discovered in July last year, you will know that a potential hacker can gain full access to your smartphone just by sending a specially crafted multimedia message. Apple’s iOS operating system also has a similar vulnerability, which can be used by potential hackers to remotely take over your iPhone.
This highly critical bug in iOS was discovered by Cisco Talos senior researcher Tyler Bohan, who described the flaw as “an extremely critical bug, comparable to the Android Stagefright as far as exposure goes.”
The critical bug has already been assigned CVE-2016-4631. It resides in ImageIO (an API used to handle image data) and works across all widely-used Apple operating systems, including Mac OS X, tvOS, and watchOS. According to Bohan, all that the potential hacker needs to do is create an exploit for the bug and send it via a multimedia message (MMS) or iMessage inside a TIFF (Tagged Image File Format) file. Once the hacker sends the message to an iPhone owner, the exploit is executed. The user would have no chance of detecting the attack, which would begin to write code beyond the normal permitted boundaries of an iPhone’s texting tool.
The attack could also be delivered through the Safari web browser. For this, the attacker needs to trick the victim into visiting a website that contains the malicious payload.
The attack, which is similar to Android’s Stagefright vulnerability, can also be exploited by making the iPhone owner visit a malicious website containing the malicious payload through the default iOS Safari browser. As with Stagefright, the iOS bug requires no explicit user interaction to launch the attack, since many applications (like iMessage) automatically attempt to render images when they are received in their default configurations.
As said above, the bug can be exploited without the knowledge of the hapless iPhone owner and can give the hacker access to the victim’s authentication credentials stored in memory, such as Wi-Fi passwords, website credentials, and email logins. However, to take full access to the victim’s iPhone, the hacker would need a further iOS jailbreak or root exploit. That’s because iOS enjoys sandbox protection, which prevents hackers exploiting one part of the operating system to own the whole thing.
The bugs uncovered by Bohan work across all widely-used Apple operating systems, however, including Mac OS X, tvOS and watchOS. Bohan noted that as Mac OS X doesn’t have sandboxing like iOS, it offers the potential hacker a full opportunity for exploiting the above bug and remotely taking over the Mac with the victim’s password. This makes Apple’s MacBooks highly vulnerable to a remote takeover through a simple specially crafted email.
“Exploitation wise, Talos estimates there is about a two-week effort to get from the information we disclosed publicly to a fully working exploit with a decent amount of reliability,” Bohan added.
Bohan also found memory corruption issues in iOS’ CoreGraphics, which helps render 2D graphics across those OSes. Another serious flaw patched by Apple this week resided in FaceTime, permitting anyone on the same network as a user to spy on their conversations. As per Apple’s description, “an attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated.” Martin Vigo, a security engineer at Salesforce, uncovered the bug.