THIS WEEK'S SPONSOR:

Kolide

The Fleet Visibility Solution for Mac, Windows, and Linux to Help You Securely Scale Your Business


iPhone Exploit Puts Passwords At Risk Within Minutes

German researchers have demonstrated the ability to reveal passwords stored in a locked iPhone in six minutes and without needing to crack the passcode. The attack targets Apple’s password management system known as keychain and is based on existing jailbreak exploits that gives the attacker wide access to the iPhone’s internal data.

Once jailbroken, the researchers installed an SSH server on the iPhone and install a keychain access script. This keychain access script utilizes functions that are built within the phone to access passwords and other data stored in keychain which is then outputted to the attacker. For a demo of the exploit,  jump the break.

The German researchers working at the state-sponsored Fraunhofer Institute of Secure Information Technology explain that the attack works because current iOS devices have a cryptographic key that is based on data within the device and not based upon the passcode. As a result an attacker can gain access to the internal iPhone data through a jailbreak and then access all the information required to get into keychain.

Whilst this attack is limited to accessing data in the keychain, it means data such as the passwords for Google Mail, Microsoft Exchange accounts, voicemail, WiFi passwords and some app passwords are fully compromised and accessible to an attacker with physical access to someone’s iPhone. This poses some serious security threats for corporate companies in particular who have adopted the iPhone, which includes a number of Fortune 500 companies. An attacker could steal an employees iPhone and within minutes have access to a corporate network and the user’s confidential emails.

The researchers also wrote that “control of an e-mail account allows the attacker to acquire even more additional passwords: For many web services such as social networks the attacker only has to request a password reset.”

The only way at this stage to prevent such an attack is to avoid the attacker from physically accessing the iPhone, if they do the researchers say it is imperative to “instantly initiate a change of all stored passwords, additionally, this should be also done for accounts not stored on the device but which might have equal or similar passwords, as an attacker might try out revealed passwords against the full list of known accounts.”

You can read the full research paper by Fraunhofer SIT here.

[Via PCWorld]

Unlock More with Club MacStories

Founded in 2015, Club MacStories has delivered exclusive content every week for over six years.

In that time, members have enjoyed nearly 400 weekly and monthly newsletters packed with more of your favorite MacStories writing as well as Club-only podcasts, eBooks, discounts on apps, icons, and services. Join today, and you’ll get everything new that we publish every week, plus access to our entire archive of back issues and downloadable perks.

The Club expanded in 2021 with Club MacStories+ and Club Premier. Club MacStories+ members enjoy even more exclusive stories, a vibrant Discord community, a rotating roster of app discounts, and more. And, with Club Premier, you get everything we offer at every Club level plus an extended, ad-free version of our podcast AppStories that is delivered early each week in high-bitrate audio.

Choose the Club plan that’s right for you:

  • Club MacStories: Weekly and monthly newsletters via email and the web that are brimming with app collections, tips, automation workflows, longform writing, a Club-only podcast, periodic giveaways, and more;
  • Club MacStories+: Everything that Club MacStories offers, plus exclusive content like Federico’s Automation Academy and John’s Macintosh Desktop Experience, a powerful web app for searching and exploring over 6 years of content and creating custom RSS feeds of Club content, an active Discord community, and a rotating collection of discounts, and more;
  • Club Premier: Everything in from our other plans and AppStories+, an extended version of our flagship podcast that’s delivered early, ad-free, and in high-bitrate audio.