Apple Inc.’s iOS operating system contains a bug that lets attackers crash iPhones and iPads within range of a wireless hotspot, security company Skycure Ltd. said.
The devices’ applications and even the entire base software shut down when served with manipulated SSL encryption certificates, Skycure Chief Executive Officer Adi Sharabani said in a phone interview. If hackers manage to force devices within range onto their own wireless network, they can effectively create a “no iOS zone,” according to Tel Aviv, Israel-based Skycure.
“When their programs crash, people tend to put this off as a quality issue,” Sharabani said. “But it can be a serious vulnerability.”
With Apple keeping tight control over its operating system’s code and the applications that may run on it, attackers targeting mobile devices have concentrated on Google Inc.’s Android platform, which gives them more leeway for manipulation. The SSL bug shows that attackers occasionally get the opportunity to damage Apple customers as well.
An Apple representative in London declined to comment. Skycure said it isn’t aware of anyone having exploited the security loophole.
The latest iOS version, the 8.3 released this month, fixed some of the vulnerabilities, while others could still be reproduced, Sharabani said. He declined to provide details so as to not give hackers instructions.
Skycure, founded in 2012 by Sharabani and Chief Technology Officer Yair Amit, specializes in software that protects mobile devices from attacks via the airwaves. The company, which received $8 million last month from investors including Shasta Ventures, discovered in 2013 how hackers can force mobile users onto malicious wireless networks by using privileges normally reserved for mobile carriers.
Skycure researchers found the iOS bug while experimenting with various ways to connect devices to a network. When they brought in a new router and changed the wireless configuration, programs on devices running Apple software began crashing.
Hackers controlling the network that the device is on can also control the certificates that are normally being used to securely transfer data, and use them for a so-called “denial of service” attack. Since SSL encryption is used by iOS and almost all applications available in the app store, the vulnerability concerns a wide range of users.
In the worst case, the devices can be forced into reboot cycles that can only be broken if the customer moves out of range of the malicious network, Sharabani said. Users should make sure to upgrade their operating system soon, and be wary of using public local wireless networks, Skycure said.