Web-based exploit allows iOS device hijack over Wi-Fi

Skycure has just announced the existence of a web-based security exploit which makes iOS vulnerable over Wi-Fi.

The exploit allows hackers to hijack an iOS device connected to its network by using its mobile apps. The technique allows the hacker to intercept app attempts to cache a web status message and redirect the request to the malevolent server. Once connected, malware can be easily uploaded to the phone without alerting anyone.

skycure-web-request-hijack

Skycure has released app code to prevent this web caching, and you can also manually uninstall apps to prevent this from happening. More practically however, the exploit shows the need to pick your Wi-Fi hotspots carefully, sticking to connections that you know are secure and legitimate. You can rest assured that now this exploit has been uncovered it will very shortly be patched up by Apple.

@TiP_Stephen

Via: Engadget

Tags: , , , , ,