Tech

Apple AirDrop flaw leaves users vulnerable to exploit

A newly-discovered vulnerability could result in the remote control of iPhones and Macs.

Written by Charlie Osborne, Contributing Writer Sept. 17, 2015 at 4:01 a.m. PT

A researcher has revealed how a vulnerability within the AirDrop service can be exploited to compromise a victim's Apple device.

As the latest version of Apple's mobile operating system, iOS 9, becomes available, a serious security flaw present in previous versions makes updating crucial.

Australian security researcher Mark Dowd from Azimuth Security has demonstrated the existence of a serious issue impacting the AirDrop service which could leave users vulnerable to attack.

Speaking to Forbes, Dowd said the attack can take place when a hacker is in range of an AirDrop user. Once exploited, an attacker is able to issue a malware payload via a directory traversal attack -- entering the device's core operating system -- before remotely altering configuration files to ensure the exploit still works even if an incoming AirDrop file is rejected by a user.

The AirDrop service is proprietary software which enables the transfer of content including images, videos and GPS data with others nearby who also have an Apple device. While turned off by default, the platform can be enabled from the home screen.

Featured

After reboot, the researcher was able to alter the Springboard home screen management system to trick the OS into accepting a fraudulent certificate and bypass the iPad and iPhone maker's security. Malware was then installed in the third-party application directory.

While malicious third-party apps installed on an iPhone or Mac are sandbox restricted, as the app has been signed, an attacker could still steal valuable data such as GPS coordinates, messages, contact lists or take control of the device's camera based on whatever app entitlements are in place.

In the video below, posted to YouTube, Dowd demonstrates his attack on an iPhone running iOS 8.4.1.

The security problem has been fixed in iOS 9 and in Mac OS X El Capitan 10.11. Users should update their devices as soon as possible, and make sure the service is off until updates have been installed.