Google released a powerful tool that could allow security researchers hack Apple's recent OS (operating system) iOS 11.1.2 to find vulnerabilities in the OS. Last week, Google Project Zero security researcher Ian Beer, a very well-known iOS bug hunter, announced on Twitter about releasing the iOS exploit, which left the infosec community inflamed and curious.
On Monday (11 December), Beer publicly released the proof of concept, which according to him, "should work for all devices" running iOS 11.1.2. Beer tweeted that he tested out the exploit on iPhone 7, iPhone 6s and iPod touch 6G, adding that "adding more support should be easy".
However, the exploit is not a full jailbreak as some were hoping for. Instead, Google told Motherboard that Beer's goal in releasing the exploit is to help allow other security researchers to test iOS security and find bugs without having to develop their own exploits. The exploits have already reportedly been fixed by Apple and the tech giant recently released a new version of the OS – 11.2. Users not interested in jailbreaking their devices are advised to immediately update their devices.
iOS exploits are rare and the iPhone is still considered to be one of the hardest consumer devices to hack and/or jailbreak. This makes Beer's exploit all the more valuable. In the past, researchers have been known to sell iOS exploits for significant amounts of cash. Companies such as Zerodium, that sell such exploits, has previously offered up to $1.5m bounty to hackers who could find iOS zero-day vulnerabilities.
This year alone, several Apple exploits have been publicly leaked by security researchers. For instance, in August, an iOS kernel exploit called zIVA, that allowed hackers root access to iPhones was leaked.