iOS 8 vulnerability crashes iPhones and iPads when connected to WiFi

Security researchers have revealed a vulnerability in iOS 8 that leaves iPhones and iPads open to denial of service (DoS) attacks simply by connecting to Wi-Fi.

This is because Adi Sharabani and Yair Amit from SkyCure, a mobile device security company, have unveiled the vulnerability iOS 8 during the 2015 RSA Conference. It will enable hackers to crash any iPhone or iPad which connects to a wireless network.

Due to this vulnerability, the hackers will be able to manipulate SSL certificates which are used by almost every single app on Apple’s App Store. The hackers will then send them over Wi-Fi to the victim, causing the iPhone or iPad to crash and reboot.

However, SkyCure has provided only limited technical details becuase it does not want the attackers to know the exact method. The company also affirmed that it is working with Apple to help remove the potential vulnerability in iOS 8.

SkyCure has explained in a blog post that for the DoS to actually happen, a Wi-Fi router would need to be setup with a “specific configuration.” A particularly designed SSL certificate would be required for a hacker to perform the DoS, with a script exploiting this bug that SkyCure says is within iOS 8 and the apps on it:

“With our finding, we rushed to create a script that exploits the bug over a network interface. As SSL is a security best practice and is utilized in almost all apps in the Apple app store, the attack surface is very wide. We knew that any delay in patching the vulnerability could lead to a serious business impact: an organized denial of service (DoS) attack can lead to big losses.”

The attackers will not able to access any critical information from your device. The attack’s effects are limited to crashing connected iPhones and iPads.

This type of attacks are likely to be used at events such as protests, concerts, marches and other events where a lot of people will be looking to connect to wireless networks.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...