A white hat hacker in China has proven that iPhones are as vulnerable to attacks as Android counterparts; that too the latest iPhone 13 series. Apple sells the iPhone on the promise of privacy and security at the highest level. The latest iPhone 13 models are ahead with only the latest iOS 15 onboard. However, a white hat hacker in China has proved that iPhones are as vulnerable to attacks as their Android counterparts; That too the latest iPhone 13 series.
The iPhone 13 Pro got hacked in 1 second!
A white hat hacker from Pangu Labs managed to remotely jailbreak the iPhone 13 Pro in about a second. All the hacker needed was for the user to click on a link on the device and the process was on. The hacker managed to get to the highest level remotely on this jailbroken iPhone 13 Pro and even wipe all the data.
All user data accessed
After the iPhone was jailbroken, the hacker was able to access all the user’s information easily. The White Hat hacker managed to gain access to the photo albums and apps on the device. It was also possible to delete data remotely.
iPhone 13 Pro, Windows 10, Google Chrome HACKED, but not Xiaomi Mi 11
Chinese hackers recently managed to compromise the iPhone 13 Pro running iOS 15, Windows 10, Google Chrome, Microsoft Exchange, Ubuntu 20, Adobe PDF and many others during the Tianfu Cup held in China. Xiaomi Mi 11 remained hack-proof.
In a shocking development, Chinese hackers hacked iPhone 13 Pro, Windows 10, Chrome and many other products which are considered difficult for any hacker to crack. The only good thing here is that it happened in a legitimate way – in a contest. However, if it could happen in a competition, imagine what a hacker would be doing! Computer hacking contests are one of the best ways for cyber security researchers to show off their skills, showcasing how products and services can be breached due to security flaws. These events, such as the Pwn2Own event that begins on November 2 in the US and the more recent Tianfu Cup in China, are some of the most popular in the world. During the recently concluded Tianfu Cup, hackers from China managed to break into and compromise a wide variety of products including Windows 10, iOS 15, Google Chrome, Ubuntu 20, Adobe PDF and many more. Although the Chinese-made smartphone Xiaomi Mi 11 managed to beat all the attempts to hack it.
According to a report in Forbes, Chinese hackers participating in the annual Tianfu Cup competition on October 16 and 17 were able to break into Apple’s new smartphone iPhone 13 Pro, which was launched in September. The smartphone, which was (at the time) updated to the latest version of iOS 15.0.2, was successfully hacked twice by team Pangu and Kunlun Lab, and reportedly saw the first iOS 15 jailbreak with a remote code vulnerability. , which does not require a connection to the target device.
Desktop operating systems Windows 10 and Ubuntu 20 were also not spared, with experts managing to take advantage of Windows 10 five times, while Ubuntu 20 was compromised four times. Meanwhile, popular products such as Microsoft Exchange Server, Adobe PDF, Parallels VM, Docker CE. Reportedly, VMWare ESXi and Workstation were also sabotaged during the Tianfu Cup event. Google Chrome was compromised twice during the incident.
According to a report in The Record, three of the 16 products available were not hacked successfully. These included the Xiaomi Mi 11, Synology DS220j and an unbranded Chinese electric vehicle. The report states that the iPhone 13 Pro hack, which got jailbreak over the air, won a $3,00,000 prize this year. The details of all these security flaws and vulnerabilities will be disclosed to companies (also known as responsible disclosure) so that they can patch them, after which they will be disclosed to the public.
Ever since the Chinese government invoked regulations to prevent security researchers from taking part in international hacking competitions such as Pwn2Own, the annual Tianfu Cup, held in Chengdu, has been the place for the best hackers in China to demonstrate their collective prowess.
This past weekend saw the latest competition take place and the newest iPhone, the iPhone 13 Pro running the latest and fully patched version of iOS 15.0.2 to be precise, was hacked in record time. Twice.
The Kunlun Lab team, whose CEO is a former CTO of Qihoo 360, was able to hack the iPhone 13 Pro live on stage using a remote code execution exploit of the mobile Safari web browser. And do so in just 15 seconds flat.
Of course, months of preparation were likely involved in getting to this point, but the result was devastating and devastatingly fast. However, full details of the vulnerability or vulnerabilities exploited have yet to be revealed.
Lucid Motors Creates The World’s Most Advanced Battery-Electric Car: A Conversation With CEO Peter Rawlinson
Actor Ice Cube Exits Sony Film After Refusing Covid-19 Vaccine
iOS 15: Outstanding New Privacy Features Will Change Your iPhone Forever
Kunlun Lab wasn’t the only team to hack the iPhone 13 Pro, though. Team Pangu, which has a history of Apple device jailbreaking, cemented its reputation in this regard by claiming the top $300,000 cash reward for remotely jailbreaking a fully patched iPhone 13 Pro running iOS 15.
While, again, the full detail of how this was achieved has not been made public, reports suggest it involved a one-click link triggering a remote code exploit that bypassed Safari security mechanisms.
The good news is that hacking is not a crime, as I have repeated time and time again.
Indeed, these hacking teams will turn the details of their exploits over to Apple so that it can release patches for these vulnerabilities. I would expect to see these in either iOS 15.1 or a forthcoming iOS 15.0 security update.
The not so good news is that there have been reports in the past of Chinese state actors using some of these exploits for espionage or surveillance purposes before patches can be released.
It should also be said that Apple products weren’t the only target at the Tianfu Cup 2021 event. Security researchers also successfully launched exploits against Windows 10, Microsoft Exchange and Google Chrome, among others. I’ll bring you more news of those as detail emerges.
I have reached out to Apple for comment and will update this article in due course.
A hack like this also shows that no matter what device you use, it’s always a good idea not to click on malicious links sent from SMS messages or dodgy websites. As the White Hat hacker demonstrated, a cyber attack may be taking place in the background and the victim may now even be aware that it is taking place.