A few days ago, Apple rolled out the iOS 15.0.2 update on all compatible iPhones. The firmware includes a fix for many recently appeared bugs, including the bug preventing AirTags or certain objects from appearing in the Find My app or the CarPlay error that blocked audio apps. iOS 15.0.2 also contained a patch for a dangerous security vulnerability.
Unfortunately, the Chinese hackers managed to bypass Apple's security measures in 15 seconds. During the Tianfu Cup, an international hacking competition held in China, the Kunlun Lab team accomplished the feat of hacking an iPhone 13 Pro running iOS 15.0.2 remotely.
A DEFECT IN SAFARI ALLOWS TO HACK AN IPHONE 13 PRO
Hackers exploited a security vulnerability in the Safari Internet browser. Thanks to this breach, unknown to the public, they quickly managed to bypass the browser's defenses. It was enough to open a corrupt link on the iPhone for the device to fall at the mercy of hackers. On stage, the team then ran the code arbitrarily and remotely without encountering resistance.
Obviously the attack on the iPhone 13 Pro was not imagined in a matter of minutes. Kunlun Lab hackers have been working on how this cyber attack developed for months. If the attack is deployed in 15 seconds, its development requires months of work by several experts. Hacking an iPhone is therefore not within the reach of the first hacker. For his performance, Kunlun Lab won a $ 120,000 prize.
During the Tianfu Cup, Team Pangu managed to jailbreak an iPhone 13 running iOS 15.0.2. The result is all the more impressive since the update has just been released by Apple. The Pangu pirates have also won the Tianfu Cup. They left with a $ 300,000 reward.
It won't take Apple long to correct the flaws revealed by the hackers. The iOS 15.1 update, which is expected to launch "next week", is expected to include a number of fixes for these violations.