Chinese Hacker Publishes PoC for Remote iOS 12 Jailbreak On iPhone X

Haythem Elmir

Here we have great news for all iPhone Jailbreak lovers and concerning one for the rest of iPhone users.

A Chinese cybersecurity researcher has today revealed technical details of critical vulnerabilities in Apple Safari web browser and iOS that could allow a remote attacker to jailbreak and compromise victims’ iPhoneX running iOS 12.1.2 and before versions.

To do so, all an attacker needs to do is trick iPhoneX users into opening a specially crafted web page using Safari browser, that’s it.

However, finding flaws and creating a working exploit to carry out such attacks is not as easy as it may sound for every iOS hacker.

Discovered by security researcher Qixun Zhao of Qihoo 360’s Vulcan Team, the exploit takes advantage of two security vulnerabilities that were first demonstrated at TianfuCup hacking contest held in November last year and then was later responsibly reported to the Apple security team.

Zhao today released some details of and a proof-of-concept video demonstration for his exploit, which he dubbed « Chaos, » after Apple just yesterday released iOS version 12.1.3 to patch the issues.

According to the researcher, the remote Jailbreak exploit is a combination of two vulnerabilities, i.e., a type confusion memory corruption flaw (CVE-2019-6227) in Apple’s Safari WebKit and a use-after-free memory corruption issue (CVE-2019-6225) in iOS Kernel.

As shown in the video demonstration of the Chaos iPhone X jailbreak exploit, the Safari flaw allowed maliciously crafted web content to execute arbitrary code on the targeted device, which then used the second bug to elevate privileges and install a malicious application silently.

However, the researcher has chosen not to publish the code for iOS jailbreak in an attempt to prevent malicious attacks against Apple users and hopes that the jailbreak community would use this information to soon come up with a suitable jailbreak exploit for users.

At this moment, based upon the remote nature of this attack and wide threat surface, it is highly recommended for iPhone users to install the latest iOS update as soon as possible, rather waiting for a jailbreak.


Laisser un commentaire

Next Post

GandCrab ransomware and Ursnif virus spreading via MS Word macros

Security researchers have discovered two separate malware campaigns, one of which is distributing the Ursnif data-stealing trojan and the GandCrab ransomware in the wild, whereas the second one is only infecting victims with Ursnif malware. Though both malware campaigns appear to be a work of two separate cybercriminal groups, we find many similarities in […]