Want to Hack an iPhone? Here Is How - How to, Technology and PC Security Forum | SensorsTechForum.com

Want to Hack an iPhone? Here Is How


[Image: iPhone NAND mirroring test board] Source: Sergei Skorobogatov’s report

Sergei Skorobogatov, a researcher at the University of Cambridge, has demonstrated a way to bypass the passcode-attempt limit on the same iPhone model the FBI was trying to unlock. Working independently, he published a paper showing the so-called “NAND mirroring” technique in practice.

What Is NAND Mirroring

The technique consists of copying the contents of the phone’s NAND flash memory to another chip. NAND flash is the non-volatile storage that holds the phone’s data, including the information the phone uses to verify the passcode and its record of how many wrong attempts have been made. The same kind of memory is found in USB flash drives, memory cards and similar storage.

The iPhone has a fail-safe that locks the device out after a number of wrong passcode entries, so an attacker cannot simply keep guessing. Skorobogatov’s point is that the attempt counter lives in that NAND memory: an attacker who has a copy of the memory can write the copy back after each batch of guesses, resetting the counter and allowing as many attempts as they like.

The FBI stated at the time that this method would not work, and instead paid a substantial sum to a private contractor that unlocked the phone.

NAND Mirroring Works

The researcher did not merely argue that the technique works; he proved it. He took an iPhone 5c running iOS 9.3 and disassembled it.

He then imaged the NAND memory, producing multiple identical copies of its contents.

A simple brute-forcer then tried passcodes one after another until it found the one that unlocks the phone. Whenever the attempt limit was reached, the brute-forcer had to switch the phone back to a clean copy of the NAND memory.

The researcher’s paper (https://arxiv.org/ftp/arxiv/papers/1609/1609.04327.pdf) reports that, depending on the passcode, recovery can take anywhere from under a day to several months. The process is anything but easy, however; it requires a sequence of delicate steps:

  • Disassemble the iPhone.
  • Work down to the NAND chip.
  • Remove the chip from the board, a painstaking job.
  • Wire up the chip’s pads so the NAND can be read and written. This is tricky because the signals on the connection were unstable; the researcher had to insert resistors to clean them up.
  • Eavesdrop on the communication between the NAND chip and the phone.
  • Back up and mirror the phone’s NAND memory from a PC.
  • Brute-force the passcode with purpose-built software.

Once the phone boots and prompts for a passcode, six attempts can be made before it locks. The researcher initially could not boot the phone from a copy written to a different NAND chip because some memory areas did not match; he tracked down and corrected those inconsistencies between the chips, and after several failed attempts produced a fully working clone of the NAND flash chip.
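To make the mechanism concrete, here is an added simulation of the attack described above. It is not the researcher’s code and the device model is hypothetical: a `Phone` whose “NAND” is a dictionary holding a salt, a passcode verifier and the failed-attempt counter, which the attacker can dump and write back exactly as the desoldered-chip setup allows. The `counter_in_flash=False` variant, which keeps the counter somewhere the attacker cannot rewrite (assumed here to be a monotonic counter in a tamper-resistant element, a design the article does not describe), shows why the countermeasure has to move the counter out of clonable memory rather than make the guess itself slower.

```python
import hashlib
import hmac
import itertools
import os

MAX_ATTEMPTS = 6  # the article: six wrong guesses before the phone locks


class Phone:
    """Hypothetical device model (added example, not the researcher's code).

    `flash` stands for the NAND: it holds a salt, the passcode verifier and,
    when counter_in_flash is True, the failed-attempt counter. The attacker
    can dump and rewrite `flash`, which is what NAND mirroring provides.
    `sep_fails` is an alternative home for the counter that the attacker
    cannot rewrite (assumption: a monotonic counter in a tamper-resistant
    element; the article does not describe such a design).
    """

    def __init__(self, passcode: str, counter_in_flash: bool = True) -> None:
        salt = os.urandom(8)
        self.flash = {"salt": salt, "verifier": self._kdf(salt, passcode), "fails": 0}
        self.counter_in_flash = counter_in_flash
        self.sep_fails = 0

    @staticmethod
    def _kdf(salt: bytes, passcode: str) -> bytes:
        # Deliberately cheap so the demo runs fast; a real device ties this to
        # a per-device hardware key so the check cannot be done offline.
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, 1000)

    def _fails(self) -> int:
        return self.flash["fails"] if self.counter_in_flash else self.sep_fails

    def _set_fails(self, n: int) -> None:
        if self.counter_in_flash:
            self.flash["fails"] = n
        else:
            self.sep_fails = n

    def try_passcode(self, guess: str) -> bool:
        """One passcode entry on the lock screen."""
        if self._fails() >= MAX_ATTEMPTS:
            raise RuntimeError("device locked")
        if hmac.compare_digest(self._kdf(self.flash["salt"], guess), self.flash["verifier"]):
            self._set_fails(0)
            return True
        self._set_fails(self._fails() + 1)
        return False

    # What the desoldered-chip setup gives the attacker: raw read and write.
    def dump_nand(self) -> dict:
        return dict(self.flash)

    def write_nand(self, image: dict) -> None:
        self.flash = dict(image)


def nand_mirror_bruteforce(phone: Phone, digits: int = 4):
    """Try every passcode of the given length. Before each batch of
    MAX_ATTEMPTS guesses (after the first) write the pristine NAND image back,
    so the on-flash counter reads zero again. Returns (passcode, attempts), or
    (None, attempts) if the phone locked despite the mirroring."""
    pristine = phone.dump_nand()
    attempts = 0
    for digit_tuple in itertools.product("0123456789", repeat=digits):
        guess = "".join(digit_tuple)
        if attempts and attempts % MAX_ATTEMPTS == 0:
            phone.write_nand(pristine)  # the mirroring step
        try:
            found = phone.try_passcode(guess)
        except RuntimeError:
            return None, attempts
        attempts += 1
        if found:
            return guess, attempts
    return None, attempts


if __name__ == "__main__":
    # Constructed passcode; four digits, the article's fastest case.
    print(nand_mirror_bruteforce(Phone("0042")))                          # ('0042', 43)
    print(nand_mirror_bruteforce(Phone("0042", counter_in_flash=False)))  # (None, 6)
```

The first run recovers the passcode because every sixth guess is preceded by a restore of the original image, so the phone never sees more than six failures in a row. The second run locks after exactly six attempts: the restore rewrites the flash, but the counter the lock decision depends on was never in the flash. The lesson is about where security-relevant state lives, not about the strength of the passcode hash.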

Conclusion

Even though the FBI did not believe this kind of memory copying would work, a single piece of research proved otherwise. The results raise important questions about data security and about what measures should be taken to make future iPhones more resistant than before. Since then Apple has released iOS 10, which includes some security improvements. Skorobogatov, however, maintains that newer iPhones such as the 6 could be attacked with the same method, provided a passcode is in use.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated in Marketing as well, Ventsislav also has a passion for discovering new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecurity and is a strong believer in basic education of every user towards online safety.
