Researchers Reveal Jailbroken iPhone Exploit

A new jailbreak for the Apple iPhone has provided another example of remote exploits on mobile devices, security researchers say.

According to security researchers, the JailbreakMe 2.0 exploit takes advantage of two distinct vulnerabilities of free devices running Apple’s iOS. Now officially legalised, jailbreaking allows users to run unauthorised third-party applications on a mobile device.

The first bug Jailbreak 2.0 uses is related to the processing of Compact Font Format data within a PDF document, explained Vupen Security CEO Chaouki Bekrar. The second is a flaw in the kernel that can be exploited to “gain elevated privileges and bypass sandbox restrictions.”

Remote Exploit

Attackers could exploit the first bug remotely by tricking iPhone users into visiting a malicious site that would then redirect the browser to the appropriate malicious PDF file depending on the device model and version, Bekrar said. Once done, the kernel flaw can be exploited to take control of the device.

“The bad news is that the exploits affect all versions of Apple iPhone, iPad and iPod, and they could be easily modified and used by criminals to compromise Apple devices via drive-by download attacks,” Bekrar told eWEEK.

Apple did not respond immediately to a request for comment on the issue. However, Kevin Haley, director of Symantec Security Response, noted that details of the jailbreak exploit code are not publicly documented, and “the authors seem to have gone to some effort to obfuscate the code.”

Still, it is possible the exploit code could be altered by an attacker to deliver a malicious payload, Haley said. “Based on the facts right now, I think Apple should be concerned [about] this,” he said.

Jailbreak

While there has not been a huge volume of remote exploits for mobile devices relative to the number for desktops and applications, there have been several that could lead to the complete compromise of devices, said Michael Price, senior operations manager for McAfee Labs for Latin America. There are also a fairly large number of known vulnerabilities that could, theoretically lead to exploitation but that do not have corresponding public exploits, he added.

To Dave Marcus, security research and communications manager at McAfee, the situation should serve as a wake-up call for anyone with a mobile device: Remote exploitation is real and here to stay. “For now these vulnerabilities are being used only—as far as we know—to jailbreak iPhones, but they could be used to do many other things to iPhones and their owners around the world,” Marcus blogged.

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Share
Published by
Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago