New iOS Vulnerability Lets Attackers Hack iPhone, iPad

Syncing iTunes across devices via Wi-Fi is popular and convenient, but newly discovered attack scenarios could put iOS devices at risk. Symantec researchers discovered a flaw that if exploited would allow attackers to compromise devices. Named “Trustjacking,” the flaw exploits the trust of victims. The attackers leverage the trust that users have in the security of their own devices in order to take control of the device. Rooted in the design of the “iTunes Wi-Fi sync,” the flaw creates a security issue once a device is connected and the sync feature is selected. After the sync feature is turned on, there’s potential for a hacker to take complete control over the device, according to Symantec researcher Roy Iarchy, head of research and modern OS security, who presented the vulnerability at RSA 2018.