iPhone and Android Phone Hackable Over Public Wi-Fi Due to Flaw

A flaw in your smartphone's wireless chipset allows the phone to be hacked near public Wi-Fi


There was a time when finding a Wi-Fi hotspot was something of a wonder. Nowadays, Wi-Fi hotspots are everywhere, but the freedom to use public Wi-Fi has also given hackers the freedom to use these hotspots as malicious tools. Security experts have stated that many Android devices have a flaw that allows an attacker to use free Wi-Fi to access the device and take complete control of it.

This flaw was discovered in a commonly used Wi-Fi chipset made by Broadcom. The chipset is used in many Apple and Android devices.

Image Source: Google Image – An image showing Ivan Krstić (Chief of Security at Apple) showing off his skills at the Black Hat conference.

Apple announced a fix for the flaw and will push it out in the release of its latest operating system, iOS 10.3.1. One researcher said that, prior to Apple’s security patch, if the phone was within range of the Wi-Fi signal, an attacker could install custom code on the Wi-Fi chipset in Apple devices.

Google, on the other hand, discovered the problem through its team of security experts working under the name Google Project Zero. The team says that even on a fully updated Nexus 6P, executing the malicious script was easy, as the Wi-Fi proximity sensor didn’t require any user interaction.

Image Source: Google Image – A Broadcom Wi-Fi chipset found in the iPhone 4, which according to the experts is vulnerable to external attacks

This Wi-Fi chip-related exploit uses Wi-Fi signals made up of irregular values; these values are then used to alter the software running on Broadcom’s Wi-Fi chipset and so customise the elements present in the chipset. The experts also explained that, by perfectly timing the Wi-Fi signals, they were able to modify some regions of the device’s memory. Hackers can also exploit many other elements on the smartphone if the device falls within range of the malicious Wi-Fi.

According to Gal Beniamini, a member of Google Project Zero who also wrote a detailed report on exploiting Broadcom’s Wi-Fi stack, fewer security updates and no protection on many current Android smartphones made the Broadcom wireless chipset an easy target.

Image Source: Google Project Zero – A mobile device complexity flow chart.

Beniamini also explained that the firmware implementation on Broadcom’s Wi-Fi chipset is very complicated, yet it still receives very few security updates. He further explained that the Wi-Fi chipset has little to no means of stopping such attacks.

The Project Zero member explained how the wireless chipset system hosts a microprocessor unit. It’s installed in such a way that it renders all memory readable and writeable. This particular ‘feature’, he says, makes it easier for hackers to execute customised code. The new versions of Broadcom wireless chipsets, however, are going to have a more stable implementation on the micro-processing units.

Image Source: Google Project Zero – A screenshot showing that Tunneled Direct Link Setup (TDLS) traffic co-opts the flag values indicating traffic in an Ad-Hoc (IBSS) network (To-DS=0, From-DS=0).

Like many vulnerabilities we have previously mentioned at AnonHQ, this is one of the more serious ones. For iPhone users, the patch will be released as soon as the iOS update is introduced to your region. For those in the United States, simply close everything and update your iPhones. As for other iPhone users, exercise caution around public Wi-Fi and use it as little as possible. If you can afford your carrier’s internet packages, then activate one until the official update is available in your region.

As far as Android users are concerned, many will receive the patch from their phone manufacturers. Android users can keep themselves updated by visiting this page.

This article (iPhone and Android Phone Hackable Over Public Wi-Fi Due to Flaw) is free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.com.
