No iOS Zone is the name given to a new extremely dangerous vulnerability for the operating system iOS, this affecting the applications installed in our terminals, but also the devices, hackers being able to generate continuous crashes for terminals through DoS attacks that can only be carried out when we are connected to a Wi-Fi HotSpot through which this is exploited vulnerability.
In the video clip above you have PROVEN exploitation of the vulnerability and notice that in the first phase we are talking about the complete closing of the applications when trying to communicate with the servers to which the application connects, the hackers being able to manipulate the SSL certificates of the connections to prevent a connection between the application and the servers, this closing - suddenly.
Apart from closing the applications, the vulnerability can also be used to generate a sudden restart of the terminals or their introduction into a reboot loop from which the devices can no longer be removed, so in certain situations a hacker can completely destroy an iPhone, iPad or iPod Apple's Touch, the terminal can only be repaired by complete replacement.
Basically, by generating a specially crafted SSL certificate, attackers can regenerate a bug and cause apps that perform SSL communication to crash at will. With our finding, we rushed to create a script that exploits the bug over a network interface. With heavy use of devices exposed to the vulnerability, the operating system crashes as well. Even worse, under certain conditions, we managed to get devices into a repeatable reboot cycle, rendering them useless.
For now the vulnerability is not exploited by hackers, but considering that we are talking about a bug that affects SSL connections and can be used for public Wi-Fi HotSpots, there is always the possibility that a person will try to destroy the experience of using a terminal and use this vulnerability in a location where many people connect to the Internet.
In this idea, I suggest you imagine that you are in a mall, or any other public place with free Wi-Fi HotSpots, and you connect to a HotSpot to surf the Internet, but through it this vulnerability is exploited . From that moment you expose yourself to the risk of having the terminals completely damaged by hackers by entering into a reboot loop, all without you knowing or being able to defend yourself.
The good part is that the vulnerability does not affect terminals that are not connected to Wi-Fi networks, and from here you draw your own conclusions about your safety on the Internet. Apple has been notified about this vulnerability, but no one knows when or if it will be fixed, so it could be several months before we have a solution.
