The recently uncovered, and seemingly just mischievous Wi-Fi hotspot bug, could be hiding a major security threat. Moreover, not just Apple Inc. iPhones, but macOS MacBooks, iPadOS iPad, and even Android, Windows, and Linux devices could be compromised, fear security researchers.
A Wi-Fi hotspot with ‘%’ or ‘@’ in its name could completely cripple an iPhone’s wireless connectivity. While it may seem like a harmless prank, “airborne attacks” are just emerging, caution some experts.
Weirdly named Wi-Fi network not just a harmless prank or a bug, discover security experts:
Talking specifically about an iPhone, the weird Wi-Fi hotspot bug is a much bigger security threat as it does not involve any user interaction.
The majority of Apple iPhones automatically latch on to any Wi-Fi hotspot that does not have any security. Essentially, the setting is on by default, and now security researchers are strongly advising to keep the setting disabled.
Meet #WiFiDemon – iOS WiFi #RCE #0day Vulnerability, and a Zero-Click Vulnerability That Was Silently Patched https://t.co/IiumXxKV15
— Ivan Ožić Bebek (@bebinjo) July 19, 2021
However, what’s more concerning is that hackers can increase the damage by further manipulating the “format string flaw”. It appears malicious code writers can place malicious code onto handsets, and even entire networks, claimed reverse engineer Carl Schou.
Surprisingly, hackers can even mask the weird Wi-Fi hotspot using a regular, legitimate network SSID. Speaking about the possibility, Amichai Shulman, CTO of wireless security specialist AirEye, said:
“Our research team was able to construct the network name in a way that does not expose the user to the weird characters, making it look like a legitimate, existing network name.”
WifiDemon Zero-Click iOS Vulnerability: Zimperium Customers Are Protected | Zimperium Mobile Security Blog https://t.co/DbykGbDzC5
— Mobile Security Man (@KalisEric) July 19, 2021
Simply put, attackers can hide dangerous Wi-Fi hotspots or spoof legitimate hotspots. This means not just iPhone but any smartphone user won’t know they are connecting to a rogue connection.
Not just Apple iPhone, but other platforms and devices also vulnerable to new Wi-Fi Hotspot security vulnerability:
This new form of attack has very dangerous implications, warn researchers. “Since the attack traffic is not part of the corporate network, Firewalls, NACs, and Secure WLANs do not protect against this type of attack and most traditional network security solutions remain completely oblivious to it,” observed Shulman.
Hackers can send attack traffic over channels that corporate network traffic does not use. This means network security solutions cannot detect the attack. As there’s no detection, the attack does not leave any trace in the forensics and networking logs.
Meet WiFiDemon – iOS WiFi RCE 0-Day Vulnerability, and a Zero-Click Vulnerability That Was Silently Patched : https://t.co/JWdyqIgZjj credits @ZecOps pic.twitter.com/qiRRvh1uBK
— Binni Shah (@binitamshah) July 19, 2021
If an Apple iPhone running iOS is vulnerable, even Apple MacBook PCs running macOS, and iPad tablets running iPadOS could be susceptible, caution some experts.
If that’s not concerning enough, hackers could exploit format string flaws that might exist in devices running Android, Windows, and Linux. As such, “airborne attacks” are quite new, and hence, could pose an as-yet unaddressed threat vector.
iPhone and iPad users should update to prevent threat actors from exploiting this issue. Nicknamed WiFiDemon, it can run malicious code on out-of-date devices to lock down WiFi SSIDs. #iphone #ipad #wifi #CyberSecurity #wifidemon https://t.co/7nI3zjqt2Q
— Charles Conner-Rondot (@ctconron) July 19, 2021
It is important to note that security experts are currently speculating the potential damage. Many are obviously assuming hackers can compromise devices as such threats are new and rare.
It is quite possible that Windows, Android, and Linux devices have security layers that prevent or thwart such attacks. Nonetheless, it is prudent to never join an untrusted Wi-Fi hotspot. In fact, even public hotspots should be viewed with suspicion, for now.