News

Researchers have uncovered a new exploit for Apple iOS 16 that allows attackers to gain access to a device, even when the user believes it is in Airplane Mode. The exploit, developed by Jamf Threat Labs, involves tricking victims into thinking their device is in Airplane Mode by modifying the UI to display Airplane Mode icons and cutting off internet connection to all apps except the attacker’s application. This means that attackers can maintain access to the device, even when the user believes it is offline. It is important to note that this technique has not yet been used in real-world attacks.

The researchers focused on the way Airplane Mode works and discovered that two daemons, SpringBoard and CommCenter, are responsible for switching the mode. SpringBoard modifies the UI, while CommCenter interacts with the network interface and blocks cellular data access for specific apps. When Airplane Mode is enabled, the network interface for cellular data goes offline.

To create a fake Airplane Mode, the researchers searched for logs related to the activation of Airplane Mode and found a specific string of code. They successfully replaced that code with an empty function, which resulted in a fake Airplane Mode that kept the device connected to the cellular network with uninterrupted internet access.

In addition to manipulating the UI, the researchers made additional tweaks to replicate the typical Airplane Mode experience, such as dimming the cellular icon and preventing user interaction with it. The researchers also discovered that the CommCenter daemon manages a database that records the cellular data access status of each app. By selectively blocking or allowing an app’s access to Wi-Fi or cellular data using the database, the fake Airplane Mode can mimic the real one.

It is crucial for iOS 16 users to be aware of this exploit and take necessary precautions to protect their devices. Apple has not released any official patches or fixes for this vulnerability at the time of writing. Stay updated with the latest security news and follow trusted sources for any developments on this issue.

The post iOS 16 Exploit Allows Attackers to Bypass Airplane Mode appeared first on satProviders.