AirDrop flaw puts iOS and Mac users on risk

A researcher Mark Dowd has revealed vulnerability within AirDrop which allowed attacker to install Malware in the Apple device within the range of 50 meters. This vulnerability affects all the devices running iOS 7 or higher. Apple claimed to fix this vulnerability in iOS 9 which is now available to download, but researcher confirmed that vulnerability still exists. Apple will fix this flaw in Mac in OS X 10.11 El Capitan update due on September 30.

According to researcher, if AirDrop is set to accept files from anyone in the vulnerable devices, attacker can install the app in the device from nearby and it will not show any warning dialogues to device owner. He also published a proof-of-concept in a video which you watch below. He demonstrated how he could steal important data such as GPS coordinates, messages, contact or control the device’s camera.

I recommend all Apple device owners to set the AirDrop to off or contacts only. Remove it from control central and do not leave your phone with any suspect person. Keep Bluetooth and Wi-Fi off if not in use. Users should also update their devices to new platform as soon as the update is available.

Related Posts

73 Microsoft GitHub Repos Compromised in Miasma Malware Attack

Your Smart TV Could Be Helping Train AI Models Without You Realizing It

Instagram Fixes Password Reset Bug That Exposed Users' Email Addresses and Phone Numbers

Microsoft Fixes Critical Edge Vulnerability That Could Allow Remote Code Execution

Critical Everest Forms Pro Vulnerability Under Active Attack