Bluetooth is a wireless connectivity option that we use a lot, whether it’s pairing devices with headphones, speakers, keyboards, or mice. Unfortunately for iPhone users, it appears that a Bluetooth exploit has been discovered where it can be used to remotely wipe nearby iPhones.
The scary thing about this exploit is that the iPhone owner has nothing to do on their side which means you don’t have to click on suspicious links, open emails strange, etc. According to a tweet from the researcher who discovered it, it looks like it could be as simple as the hacker walking around with a Bluetooth enabled laptop in their backpack and remotely wiping iPhones around them.
POC? RCE up to 15.0.X ~ High level proximity based bluetooth LE operation to remotely wipe iDevices based on proximity only! No physical access to the device.
In short, you can put a laptop in a backpack and ride a bike in a city wiping iPhones 🙂
– Robert (@RobertCFO) October 13, 2021
The good news is that Apple has since been made aware of the issue and it is apparently fixed in iOS 15.1. However, since iOS 15.1 is still in beta, that means virtually everyone who is not in beta is vulnerable to the exploit. The researcher doesn’t detail how the feat can be achieved, but they apparently plan to publish a proof of concept soon.
Some have pointed out that the email Apple sent to the researcher asked them to keep the details private until the release of iOS 15.1, which is apparently in the coming weeks on October 25, so we may have to. be waiting until then to see the proof of concept.