A group of researchers from Johns Hopkins University has found a bug in Apple’s iMessage platform that would allow attackers to intercept and decrypt videos and images sent on iMessage.
An exploit that affects versions of iMessage prior to iOS 9 was initially discovered and partially patched by Apple last fall, during the release of iOS 9. However, Professor Matthew D. Green from Johns Hopkins University has revealed to the Washington Post that he had long suspected a possible flaw in the encryption process Apple uses specifically for iMessage.
Sure enough, he and his graduate students mounted an attack to show that they could break the encryption that is meant to protect photos and videos sent on iMessage.
The fundamentally simple exploit involves creating software that emulates an Apple server, which is then used to intercept files. The encrypted transmission targeted by the professor and his students contained the link to a photo stored on Apple’s iCloud server, along with the 64-digit encryption key required to decrypt the photo.
While the students were unable to see the digits, they guessed the decryption key by brute force, repeatedly changing a digit or a letter of the key before sending it back to the targeted phone. Whenever a correct digit was guessed, the phone accepted it. After thousands of repeated attempts, which a modern computer can make quickly, they had the key.
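The effect of the per-digit acceptance signal described above, as an added example that is not part of the original article or the researchers' code: a toy Python model comparing the guesses needed when a receiver confirms one digit at a time with a receiver that only answers for the whole key. The class names, the hex-digit alphabet and the random sample key are assumptions made for illustration.

```python
import hmac
import secrets

HEX = "0123456789abcdef"  # assumed alphabet; the article says only "a digit or a letter"
KEY_LEN = 64              # the article's "64-digit" key


class LeakyReceiver:
    """Toy receiver that reveals whether one guessed position is correct."""

    def __init__(self, key):
        self._key = key
        self.queries = 0

    def accepts(self, position, digit):
        self.queries += 1
        return self._key[position] == digit


class AllOrNothingReceiver:
    """Toy receiver that answers only for the whole key, in constant time."""

    def __init__(self, key):
        self._key = key

    def accepts(self, candidate):
        return hmac.compare_digest(self._key, candidate)


def recover_with_leak(receiver):
    """Rebuild the key position by position from the per-digit signal."""
    found = []
    for pos in range(KEY_LEN):
        for digit in HEX:
            if receiver.accepts(pos, digit):
                found.append(digit)
                break
    return "".join(found)


def worst_case_guesses(per_digit_leak):
    """Upper bound on guesses with and without the per-digit signal."""
    return len(HEX) * KEY_LEN if per_digit_leak else len(HEX) ** KEY_LEN


def demo():
    key = "".join(secrets.choice(HEX) for _ in range(KEY_LEN))  # constructed sample key
    leaky = LeakyReceiver(key)
    return recover_with_leak(leaky) == key, leaky.queries
```

With the leak, the search is bounded by 16 × 64 = 1,024 guesses instead of 16^64, which is why a receiver should give no signal about partially correct key material.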
With the key, the team was able to retrieve the photo from Apple’s server. Notably, Green revealed that a modified version of the exploit would also work on later versions of iOS. He added that the hacking skills needed to come up with such an exploit would require a nation state behind it.
The flaw itself has nothing to do with the current stand-off between Apple and the FBI, in which the latter is demanding that Apple help it install a backdoor to gain access to the entire phone, not just the iMessage platform. Furthermore, gaining access to a user’s phone means dealing with encryption that does not allow brute-force methods to guess the user’s passkey.
For its part, Apple has completely patched the exploit with the release of iOS 9.3, which is due to be released today. The release comes as part of a wider event where further software updates and even hardware releases, such as new versions of the iPhone, are rumored to be announced.
It is recommended that iOS users update to the latest version of iOS as soon as possible.