For the past couple of weeks, all kinds of iOS bugs have been coming out of the woodworks. Apple has worked extremely hard to roll out updates fixing these bugs, but researchers continue to stay one step ahead.
Not too long ago, we reported about a dangerous lockscreen hack that allowed anyone to bypass an iPhone’s lockscreen passcode on iOS 6.1. Now, another way has been discovered to access a passcode-locked iPhone without entering the security pin…
First discovered by Benjamin Kunx Mejri, this method starts out very similar to the last lockscreen hack. However, it even allows someone to access all of your data by plugging your device into a USB port. Ars Technica reports:
“The vulnerability is located in the main login module of the mobile iOS device (iPhone or iPad) when processing to use the screenshot function in combination with the emergency call and power (standby) button. The vulnerability allows the local attacker to bypass the code lock in iTunes and via USB when a black screen bug occurs.
The vulnerability can be exploited by local attackers with physical device access without privileged iOS account or required user interaction. Successful exploitation of the vulnerability results in unauthorized device access and information disclosure.”
Here’s the hack in action:
Apple has already confirmed that a patch is on the way with iOS 6.1.3, but has yet to announce a release date. Also, the upcoming update may not be the best solution for many of us, as it will apparently break the Evasi0n jailbreak.
blog comments powered by Disqus