312-50V10 · Question #871
Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-FI sync on the compu
The correct answer is A. IOS trustjacking. iOS Trustjacking exploits the iTunes WiFi sync feature to maintain persistent remote access to an iOS device after a USB trust pairing is established with a compromised computer. This allows the attacker to monitor the device wirelessly long after physical disconnection.
Question
Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-FI sync on the computer so that the device could continue communication with that computer even after being physically disconnected. Now, Clark gains access to Steven's iPhone through the infected computer and is able to monitor and read all of Steven's activity on the iPhone, even after the device is out of the communication zone. Which of the following attacks is performed by Clark in above scenario?
Options
- AIOS trustjacking
- BlOS Jailbreaking
- CExploiting SS7 vulnerability
- DMan-in-the-disk attack
How the community answered
(25 responses)- A72% (18)
- B16% (4)
- C8% (2)
- D4% (1)
Why each option
iOS Trustjacking exploits the iTunes WiFi sync feature to maintain persistent remote access to an iOS device after a USB trust pairing is established with a compromised computer. This allows the attacker to monitor the device wirelessly long after physical disconnection.
iOS Trustjacking occurs when a user connects their iPhone to a malicious computer and taps 'Trust' on the device prompt, granting the computer a trusted pairing certificate. Once iTunes WiFi sync is enabled on that machine, the attacker can leverage the trusted relationship to communicate with the device over any shared network - reading data, accessing apps, and monitoring activity - without any further physical connection or user interaction.
iOS jailbreaking exploits firmware vulnerabilities to remove Apple's software restrictions and gain root access to the device file system, which is unrelated to establishing and abusing a computer trust relationship.
SS7 vulnerability exploitation targets weaknesses in the Signaling System 7 cellular network protocol to intercept voice calls and SMS messages at the carrier level, not through device-to-computer USB trust pairings.
Man-in-the-disk is an Android-specific attack that exploits insecure handling of external storage to intercept data exchanged between apps and external storage, and has no relevance to iOS or iTunes sync functionality.
Concept tested: iOS Trustjacking via iTunes WiFi sync exploitation
Source: https://research.checkpoint.com/2018/iphone-privacy-trust-the-computer/
Topics
Community Discussion
No community discussion yet for this question.