iOS exploit allows hackers to gain access to photos, messages, and more

How to turn on Messages in iCloud (Image credit: Joseph Keller/iMore)

What you need to know

A member of Project Zero at Google has discovered an exploit that allows hackers to access an iOS device.
The exploit allows a hacker to access photos, messages, and more without the user's knowledge.
The issue is related to the technology that enables features like AirDrop.

Ian Beer, a member of the Project Zero team at Google, has discovered an exploit with the technology used to enable wireless connection features like AirDrop that allowed the hacker to gain access to photos, email, and messages from iOS devices without the user ever knowing.

Beer posted the news earlier today on Twitter, saying that he has been working on the project since the beginning of the year.

Excited to finally publish my lockdown project from earlier this year: an iOS zero-click radio proximity exploit odyssey.https://t.co/UXQvemH0hGExcited to finally publish my lockdown project from earlier this year: an iOS zero-click radio proximity exploit odyssey.https://t.co/UXQvemH0hG— Ian Beer (@i41nbeer) December 1, 2020 December 1, 2020

The developer says that the vulnerability was discovered in a component called AWDL, the technology that enables peer to peer connection, like AirDrop, between Apple devices.

AWDL is enabled by default, exposing a large and complex attack surface to everyone in radio proximity. With specialist equipment the radio range can be hundreds of meters or more.AWDL is enabled by default, exposing a large and complex attack surface to everyone in radio proximity. With specialist equipment the radio range can be hundreds of meters or more.— Ian Beer (@i41nbeer) December 1, 2020 December 1, 2020

Beer pointed out that, in the wrong hands, this kind of exploit could invade privacy on a massive level.

My prototype exploit gains access to any nearby iPhone's memory in just a few seconds; imagine launching the exploit from a drone flying across a protest...My prototype exploit gains access to any nearby iPhone's memory in just a few seconds; imagine launching the exploit from a drone flying across a protest...— Ian Beer (@i41nbeer) December 1, 2020 December 1, 2020

Thankfully, Beer says that he has not found any evidence of this vulnerability being used in public. The developer is also asking to work with Apple to patch the issue through their Bug Bounty Program and has committed to donating any money made from the program to charity.

Joe Wituschek is a Contributor at iMore. With over ten years in the technology industry, one of them being at Apple, Joe now covers the company for the website. In addition to covering breaking news, Joe also writes editorials and reviews for a range of products. He fell in love with Apple products when he got an iPod nano for Christmas almost twenty years ago. Despite being considered a "heavy" user, he has always preferred the consumer-focused products like the MacBook Air, iPad mini, and iPhone 13 mini. He will fight to the death to keep a mini iPhone in the lineup. In his free time, Joe enjoys video games, movies, photography, running, and basically everything outdoors.

Recommended reading

What you need to know