An iPhone bug has been discovered, that could have let hackers remotely lock you out of your smartphone.
The bug was discovered by researcher Kushan Bagaria in the iPhone’s AirDrop feature, which lets users share files between iOS devices.
Mr Bagaria found that the bug let him repeatedly send files to all nearby iPhones set to accept files from ‘Everyone’.
When a file is recieved, Apple ’s iOS blocks the display until the user has accepted or rejected it.
But because iOS didn’t limit the number of file requests an iPhone could accept, a hacker could keep spamming it with files, causing the device to get stuck in a loop, and lock the user out.
(Image: Apple)
On his blog , Mr Bagaria said: “How would you stop this if someone were to use this attack on you? Simply run away! It'll get you out of range from the attacking device. Okay, I'm not sure how well this'd work in an airplane.
“Besides getting away from the attacker, who is also unidentifiable most of the time, you can stop this by turning off AirDrop/WiFi/Bluetooth. This can be done if you can access Control Center from the lock screen but not if you have it disabled.
“Either way you can ask Siri to turn off WiFi or Bluetooth. Restarting your device may also give you some time to turn AirDrop off before the attack takes place again.
Video Unavailable
“To prevent this attack from taking place at all, turn on AirDrop only when you need it and don't ever keep it set to ‘Everyone’.”
Having discovered the bug, Mr Bagaria reported his findings to August, and thankfully the issue has now been fixed.
He added: “It's been fixed in iOS 13.3 with a rate limit (after declining the same device 3 times, iOS will automatically decline any subsequent requests).”
Gloss