Adi Sharabani and Yair Amit have revealed a zero-day vulnerability in iOS 8 that, when exploited by a malicious wireless hotspot, will repeatedly crash nearby Apple iPhones, iPads and iPods.
The Skycure bods say the attack, dubbed "No iOS Zone", will render vulnerable iOS things within range unstable – or even entirely unusable by triggering constant reboots.
“Anyone can take any router and create a Wi-Fi hotspot that forces you to connect to their network, and then manipulate the traffic to cause apps and the operating system to crash,” Sharabani told the RSA security conference in San Francisco. “There is nothing you can do about it other than physically running away from the attackers. This is not a denial-of-service where you can't use your Wi-Fi – this is a denial-of-service so you can't use your device even in offline mode.” The denial-of-service is triggered by manipulating SSL certificates sent to the iOS devices over Wi-Fi; specially crafted data will cause apps or possibly the operating system to crash.
"As the vulnerability has not been confirmed as fully fixed yet, we’ve decided to refrain from providing additional technical details, in order to make sure iOS users are not exposed to the exploit caused by this vulnerability," the pair explained.
It is a choice attack for disrupting political events, or at financial hubs like Wall Street, Sharabani suggested. Experts are still working with Apple to address the security hole, Amit told. He praised the California giant for its quick response in attempting to tackle the No iOS Zone vulnerability. He also said the attack can be combined with HTTP request hijacking to trick iOS apps into pulling information from an attacker's servers, allowing the miscreant to compromise the software by feeding it bad data.
110 Reykjavik, Iceland