London Daily

Focus on the big picture.
Saturday, Jul 05, 2025

Google engineer demonstrate how he could get full control and copy all data from 25 iPhones without touching them

iPhone security? Hmmm... In this demo I remotely trigger an unauthenticated kernel memory corruption vulnerability which causes all iOS devices in radio-proximity to reboot, with no user interaction. Over the next 30'000 words I'll cover the entire process to go from this basic demo to successfully exploiting this vulnerability in order to run arbitrary code on any nearby iOS device and steal all the user data

One of the geniuses working for Google on Project Zero wrote on his blogpost and on his YouTube videos:

Introduction
Quoting @halvarflake's Offensivecon keynote from February 2020:

"Exploits are the closest thing to "magic spells" we experience in the real world: Construct the right incantation, gain remote control over device."

For 6 months of 2020, while locked down in the corner of my bedroom surrounded by my lovely, screaming children, I've been working on a magic spell of my own. No, sadly not an incantation to convince the kids to sleep in until 9am every morning, but instead a wormable radio-proximity exploit which allows me to gain complete control over any iPhone in my vicinity. View all the photos, read all the email, copy all the private messages and monitor everything which happens on there in real-time.

The takeaway from this project should not be: no one will spend six months of their life just to hack my phone, I'm fine.

Instead, it should be: one person, working alone in their bedroom, was able to build a capability which would allow them to seriously compromise iPhone users they'd come into close contact with.

Imagine the sense of power an attacker with such a capability must feel. As we all pour more and more of our souls into these devices, an attacker can gain a treasure trove of information on an unsuspecting target.

What's more, with directional antennas, higher transmission powers and sensitive receivers the range of such attacks can be considerable.

I have no evidence that these issues were exploited in the wild; I found them myself through manual reverse engineering. But we do know that exploit vendors seemed to take notice of these fixes. For example, take this tweet from Mark Dowd, the co-founder of Azimuth Security, an Australian "market-leading information security business":

Watch the videos and read his full post here.

Newsletter

Related Articles

0:00
0:00
Close
London Stock Exchange Faces Historic Low in Initial Public Offerings
A new online platform has emerged in the United Kingdom, specifically targeting Muslim men seeking virgin brides
Trump Celebrates Independence Day with B-2 Flyover and Signs Controversial Legislation
Boris Johnson Urges Conservatives to Ignore Farage
SNP Ordered to Update Single-Sex Space Guidance Within Days
Starmer Set to Reject Calls for Wealth Taxes
Stolen Century-Old Rolls-Royce Recovered After Hotel Theft
Macron Presses Starmer to Recognise Palestinian State
Labour Delayed Palestine Action Ban Over Riot Concerns
Swinney’s Tax Comments ‘Offensive to Scots’, Say Tories
High Street Retailers to Enforce Bans on Serial Shoplifters
Music Banned by Henry VIII to Be Performed After 500 Years
Steve Coogan Says Working Class Is Being ‘Ethnically Cleansed’
Home Office Admits Uncertainty Over Visa Overstayer Numbers
JD Vance Questions Mandelson Over Reform Party’s Rising Popularity
Macron to Receive Windsor Carriage Ride in Royal Gesture
Labour Accused of ‘Hammering’ Scots During First Year in Power
BBC Head of Music Stood Down Amid Bob Vylan Controversy
Corbyn Eyes Hard-Left Challenge to Starmer’s Leadership
London Tube Trains Suspended After Major Fire Erupts Nearby
Richard Kemp: I Felt Safer in Israel Under Attack Than in the UK
Cyclist Says Police Cited Human Rights Act for Riding No-Handed
China’s Central Bank Consults European Peers on Low-Rate Strategies
AI Raises Alarms Over Long-Term Job Security
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Musk Battles to Protect Tesla Amid Trump Policy Threats
Air France-KLM Acquires Majority Stake in Scandinavian Airlines
UK Educators Sound Alarm on Declining Child Literacy
Shein Fined €40 Million in France Over Misleading Discounts
Brazil’s Lula Visits Kirchner During Argentina House Arrest
Trump Scores Legislative Win as House Passes Tax Reform Bill
Keir Starmer Faces Criticism After Rocky First Year in Power
DJI Launches Heavy-Duty Coaxial Quadcopter with 80 kg Lift Capacity
U.S. Senate Approves Major Legislation Dubbed the 'Big Beautiful Bill'
Largest Healthcare Fraud Takedown in U.S. History Announced by DOJ
Poland Implements Border Checks Amid Growing Migration Tensions
Political Dispute Escalates Between Trump and Musk
Emirates Airline Expands Market Share with New $20 Million Campaign
Amazon Reaches Milestone with Deployment of One Millionth Robot
US Senate Votes to Remove AI Regulation Moratorium from Domestic Policy Bill
Yulia Putintseva Calls for Spectator Ejection at Wimbledon Over Safety Concerns
Jury Deliberations in Diddy Trial Yield Partial Verdict in Serious Criminal Charges
House Oversight Committee Subpoenas Former Jill Biden Aide Amid Investigation into Alleged Concealment of President Biden's Cognitive Health
King Charles Plans Significant Role for Prince Harry in Coronation
Two Chinese Nationals Arrested for Espionage Activities Against U.S. Navy
Amazon Reaches Major Automation Milestone with Over One Million Robots
Extreme Heat Wave Sweeps Across Europe, Hitting Record Temperatures
Meta Announces Formation of Ambitious AI Unit, Meta Superintelligence Labs
Robots Compete in Football Tournament in China Amid Injuries
Trump Administration Considers Withdrawal of Funding for Hospitals Providing Gender Treatment to Minors
×