New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode

[silversurfer]

Content source

https://thehackernews.com/2023/08/new-apple-ios-16-exploit-enables.html

Cybersecurity researchers have documented a novel post-exploit persistence technique on iOS 16 that could be abused to fly under the radar and main access to an Apple device even when the victim believes it is offline.

The method "tricks the victim into thinking their device's Airplane Mode works when in reality the attacker (following successful device exploit) has planted an artificial Airplane Mode which edits the UI to display Airplane Mode icon and cuts internet connection to all apps except the attacker application," Jamf Threat Labs researchers Hu Ke and Nir Avraham said in a report shared with The Hacker News.

Airplane Mode, as the name implies, allows users to turn off wireless features in their devices, effectively preventing them from connecting to Wi-Fi networks, cellular data, and Bluetooth as well as sending or receiving calls and text messages.

The approach devised by Jamf, in a nutshell, provides an illusion to the user that the Airplane Mode is on while allowing a malicious actor to stealthily maintain a cellular network connection for a rogue application.

"When the user turns on Airplane Mode, the network interface pdp_ip0 (cellular data) will no longer display ipv4/ipv6 ip addresses," the researchers explained. "The cellular network is disconnected and unusable, at least to the user space level."

 

[simmerskool]

Probably does not apply but not sure where to post this: last night from 2 very different sites that send two-factor-authentication to my iphone, the codes never arrived. This has not happened to me before. I even shutdown my iphone and rebooted and still neither 2fa code arrived. Then about 20 or 30 minutes later, both arrived at the same time. Assuming cellular network delay, , provider is Verizon. Or something more sinister? (mods if there's a better place to post this please do)