nerdexam
EC-Council

312-50V10 · Question #871

Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-FI sync on the compu

The correct answer is A. IOS trustjacking. iOS Trustjacking exploits the iTunes WiFi sync feature to maintain persistent remote access to an iOS device after a USB trust pairing is established with a compromised computer. This allows the attacker to monitor the device wirelessly long after physical disconnection.

Hacking Mobile Platforms

Question

Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-FI sync on the computer so that the device could continue communication with that computer even after being physically disconnected. Now, Clark gains access to Steven's iPhone through the infected computer and is able to monitor and read all of Steven's activity on the iPhone, even after the device is out of the communication zone. Which of the following attacks is performed by Clark in above scenario?

Options

  • AIOS trustjacking
  • BlOS Jailbreaking
  • CExploiting SS7 vulnerability
  • DMan-in-the-disk attack

How the community answered

(25 responses)
  • A
    72% (18)
  • B
    16% (4)
  • C
    8% (2)
  • D
    4% (1)

Why each option

iOS Trustjacking exploits the iTunes WiFi sync feature to maintain persistent remote access to an iOS device after a USB trust pairing is established with a compromised computer. This allows the attacker to monitor the device wirelessly long after physical disconnection.

AIOS trustjackingCorrect

iOS Trustjacking occurs when a user connects their iPhone to a malicious computer and taps 'Trust' on the device prompt, granting the computer a trusted pairing certificate. Once iTunes WiFi sync is enabled on that machine, the attacker can leverage the trusted relationship to communicate with the device over any shared network - reading data, accessing apps, and monitoring activity - without any further physical connection or user interaction.

BlOS Jailbreaking

iOS jailbreaking exploits firmware vulnerabilities to remove Apple's software restrictions and gain root access to the device file system, which is unrelated to establishing and abusing a computer trust relationship.

CExploiting SS7 vulnerability

SS7 vulnerability exploitation targets weaknesses in the Signaling System 7 cellular network protocol to intercept voice calls and SMS messages at the carrier level, not through device-to-computer USB trust pairings.

DMan-in-the-disk attack

Man-in-the-disk is an Android-specific attack that exploits insecure handling of external storage to intercept data exchanged between apps and external storage, and has no relevance to iOS or iTunes sync functionality.

Concept tested: iOS Trustjacking via iTunes WiFi sync exploitation

Source: https://research.checkpoint.com/2018/iphone-privacy-trust-the-computer/

Topics

#iOS trustjacking#iTunes WiFi sync#mobile device compromise#persistent access

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice