What was first a seemingly harmless WiFi bug now has an actual threat for iPhone users. Experts have discovered the tangible threat and warned iPhone users that these malicious network names can be even harder to distinguish from legitimate ones.
Let’s find out how you can avoid the security risk and keep your data safe.
iPhone WiFi Hack
Last month, reports of an iPhone Wi-Fi Bug that disables network connection first appeared to be harmless although it did have the potential to be exploited by hackers or anyone with malicious intent.
Now, the threat is very real. Based on a research done by mobile security specialist ZecOps, they discovered a serious “zero-click” flaw was silently patched in the iOS 14.4 update.
Exploiting the vulnerability can be applied to the recent iPhone WiFi hack.
It means that it can easily transform from being a relatively harmless denial of service (DoS) threat, the kind that was reported last month, into local privilege escalation (LPE) and remote code execution (RCE) attacks that can basically let hackers get into your phone and do whatever they want with it and all its contents, what’s more, all done remotely!
“The recently disclosed ‘non-dangerous’ WiFi bug is potent,” warned Zuk Avraham, the CEO of ZecOps.
The attacker can infect an iPhone or iPad runnion iOS 14.3 or earlier without any interaction with an attacker, ZecOps explained. This is known as a zero-click attack.
For iPhone users running on the latest version of iOS (14.6), joining a malicious WiFi network can leave the device vulnerable. What’s alwarming is it is possible to construct a network name that does not expose the user to the weird characters that was described in earlier reports of the bug. This means even legitimate-looking or existing network names are actually malicious networks in disguise.
Apple has been working on a fix with their recent betas of iOS 14.7, however these attacks are new and, given their stealthy nature, can become more popular.
How to Avoid the iPhone WiFi Threat
If your iPhone is running on iOS 12 or earlier, ironically, you are not vulnerable to this security risk.
For everyone else, it is best that you turn off the iPhone’s Auto-Join feature for WiFi connection. Head to Settings > Wi-Fi > Auto-Join Hotspot > Never.
Avoid connecting to WiFi networks with percent signs in their names, as this was how the earlier rendition of the vulnerability manifested and can be how some hackers still operate.
Don’t connect to Wi-Fi networks in public settings either. Knowing that hackers can disguise the malicious network like a real Wi-Fi hotspot, it could be difficult to discern which is safe.
It is also best to prepare backups of your iPhone data just in case and from time to time. Also, reset your Network settings to avoid the known networks your iPhone may connect to automatically. Simply head to Settings > Reset > Reset Network Settings. And only connect to the networks you know.
The next thing to do is wait. Apple will likely release a patch for the version of the flaw in iOS 14.7 and could be released as early as next week.
This new way of orchestrating attacks has the potential to begin a heavy clash between hackers and all big tech companies, espeicall as these new forms of airborne attacks gain popularity.
James Chow 
A P 
T4TeCH 