iOS Sync Glitch Lets Attackers Control Devices

April 19, 2018

Researchers have identified a new iOS vulnerability called “trustjacking,” which exploits a feature called iTunes Wi-Fi Sync to give attackers persistent control over victims’ devices.

Symantec researchers presented the vulnerability during a session at RSAC this week and said the vulnerability gives attackers the ability to record and control all activity on a device without being in the same room. Researchers disclosed the vulnerability to Apple, who has released a mechanism to safeguard devices from the vulnerability, they said.

All victims need to do to fall victim to this attack is approve their device’s connection to a malicious computer when syncing with iTunes, they said.

Read More on Threat Post