Apple is warning millions of users to beware of hackers who could be taking over their iPhones and iPads with ease.
We’ve seen enough warnings from supposed ‘White Hat’ hackers who say how easy it is to get into our personal information, while it’s as simple as borrowing someone’s phone charger to remotely break into your phone.
Instead of the odd isolated incident, Apple has released an emergency security update, confirming it has been struck by some ‘extremely sophisticated' attacks.
Advert
The tech giant says that if you don’t download the latest security patch, you could be leaving your iPhone and iPad vulnerable to breaches.
Apple reiterates that the affected devices aren’t older models that might be nearing the end of their software support.
It’s largely going for newer devices that include the iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later. The company explained: “A physical attack may disable USB Restricted Mode on a locked device.”
Advert
“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.”
Seemingly discovered by Citizen Lab’s Bill Marczak, he posted: “Update your iPhones.. again! iOS 18.3.1 out today with a fix for an ITW [in the wild] USB restricted mode bypass.”
Despite complaints about iOS 18.3 robbing us of our batteries or slowing our phones to a crawl, Apple says it’s important to keep your devices up to date with the latest rollout of fixes.
The vulnerabilities mean someone could gain ‘full admin access’ to your device, with Apple posting patches to hopefully prevent it.
Advert
The patches are supposed to fix a flaw in the USB Restricted Mode that was introduced in 2018. It disables Lightning or USB ports on iPhones and iPads if they’re locked for more than an hour, with Apple locking them to stop hackers connecting a cable to ports.
It was introduced in response to Grayshift’s ‘GrayKey’ which was designed to unlock any iPhone when connected via USB.
Advert
Anywhere between two hours and three days, the device wouldl then display a black screen with the passcode and other sensitive information.
As noted by The Register, this isn’t the first time Apple has been struck by such an exploit. Devices have previously been hit by commercially available tools from Cellebrite. The company is known for helping law enforcement break into locked phones and was crucial in the case against the attempted assassination of Donald Trump.
The good news is that there have been no confirmed reports of specific attacks on consumers, while Apple hasn’t elaborated on its website.