iPhone: no, there is no flaw that allows you to erase your data via Bluetooth
Yesterday, a cybersecurity researcher claimed to have discovered a critical security flaw in iPhones. With a simple Bluetooth connection, a hacker could erase all of the data stored on the smartphone. After verification, it is actually a fake.
Like any device, iPhones are subject to more or less serious security breaches. Recently, for example, a vulnerability allowing access to Notes without unlocking the smartphone was discovered in iOS 15. Sometimes, these flaws are really worrying, by their simplicity of execution or the consequent damage which they can generate. In short, these security breaches are scary, and some do not hesitate to exploit the vein – in the absence of the vulnerability itself.
On Twitter, a user calling himself RobertCFO posted an email sent by an Apple security technician. The latter confirms the existence of a flaw discovered earlier. A flaw at the very least critical, since it allows access and delete iPhone data via a simple Bluetooth connection. In the mail, the technician says that the breach will be corrected in the next update of iOS 15. Only here it is, it is a fake.
The iPhone Bluetooth vulnerability is a fake
Our colleagues from 9to5mac were the first to relay the information. Some time after the publication of their article, the media reconsidered its statements and announced that the information is false reality. It must be said that the source does not really inspire confidence. Indeed, the Twitter account in question displays very few subscribers, a situation he explains by the fact that his old account was deleted at 47,000 followers. In addition, the email it broadcasts contains a passage explicitly asking him not to reveal the flaw.
On the same subject: iPhone – this flaw makes it possible to hack the smartphone, quickly install the update iOS 15.0.2
So it seemed strange for RobertCFO to still reveal the vulnerability, knowing that a fix was supposedly already in the works. For information, the latter would have concerned above all iOS 15.1 beta users. According to the tweet, it would have been enough for the hacker to connect in Bluetooth to the iPhone concerned to erase all the data. Robert did not however develop the method allowing the hacking.
POC? RCE up to 15.0.X ~ High level proximity based Bluetooth LE exploit to remote wipe iDevices based on proximity alone! No physical device access.
In short can put a laptop in a backpack and ride a bike in a city wiping iPhones 🙂
– Robert (@RobertCFO) October 13, 2021