Forwarded from BlackBox (Security) Archiv
Apple’s AirDrop leaks users’ PII, and there’s not much they can do about it
Apple has known of the flaw since 2019 but has yet to acknowledge or fix it.
AirDrop, the feature that allows Mac and iPhone users to wirelessly transfer files between devices, is leaking user emails and phone numbers, and there's not much anyone can do to stop it other than to turn it off, researchers said.
AirDrop uses Wi-Fi and Bluetooth Low Energy to establish direct connections with nearby devices so they can beam pictures, documents, and other things from one iOS or macOS device to another. One mode allows only contacts to connect, a second allows anyone to connect, and the last allows no connections at all.
A matter of milliseconds
To determine if the device of a would-be sender should connect with other nearby devices, AirDrop broadcasts Bluetooth advertisements that contain a partial cryptographic hash of the sender's phone number and email address. If any of the truncated hashes matches any phone number or email address in the address book of the receiving device or the device is set to receive from everyone, the two devices will engage in a mutual authentication handshake over Wi-Fi. During the handshake, the devices exchange the full SHA-256 hashes of the owners' phone numbers and email addresses.
Hashes, of course, can't be converted back into the cleartext that generated them, but depending on the amount of entropy or randomness in the cleartext, they are often possible to figure out. Hackers do this by performing a "brute-force attack," which throws huge numbers of guesses and waits for the one that generates the sought-after hash. The less the entropy in the cleartext, the easier it is to guess or crack, since there are fewer possible candidates for an attacker to try.
The amount of entropy in a phone number is so minimal that this cracking process is trivial since it takes milliseconds to look up a hash in a precomputed database containing results for all possible phone numbers in the world. While many email addresses have more entropy, they too can be cracked using the billions of email addresses that have appeared in database breaches over the past 20 years.
https://arstechnica.com/gadgets/2021/04/apples-airdrop-leaks-users-pii-and-theres-not-much-they-can-do-about-it
#apple #mac #iphone #airdrop #vulnerability
📡 @nogoolag 📡 @blackbox_archiv
Apple has known of the flaw since 2019 but has yet to acknowledge or fix it.
AirDrop, the feature that allows Mac and iPhone users to wirelessly transfer files between devices, is leaking user emails and phone numbers, and there's not much anyone can do to stop it other than to turn it off, researchers said.
AirDrop uses Wi-Fi and Bluetooth Low Energy to establish direct connections with nearby devices so they can beam pictures, documents, and other things from one iOS or macOS device to another. One mode allows only contacts to connect, a second allows anyone to connect, and the last allows no connections at all.
A matter of milliseconds
To determine if the device of a would-be sender should connect with other nearby devices, AirDrop broadcasts Bluetooth advertisements that contain a partial cryptographic hash of the sender's phone number and email address. If any of the truncated hashes matches any phone number or email address in the address book of the receiving device or the device is set to receive from everyone, the two devices will engage in a mutual authentication handshake over Wi-Fi. During the handshake, the devices exchange the full SHA-256 hashes of the owners' phone numbers and email addresses.
Hashes, of course, can't be converted back into the cleartext that generated them, but depending on the amount of entropy or randomness in the cleartext, they are often possible to figure out. Hackers do this by performing a "brute-force attack," which throws huge numbers of guesses and waits for the one that generates the sought-after hash. The less the entropy in the cleartext, the easier it is to guess or crack, since there are fewer possible candidates for an attacker to try.
The amount of entropy in a phone number is so minimal that this cracking process is trivial since it takes milliseconds to look up a hash in a precomputed database containing results for all possible phone numbers in the world. While many email addresses have more entropy, they too can be cracked using the billions of email addresses that have appeared in database breaches over the past 20 years.
https://arstechnica.com/gadgets/2021/04/apples-airdrop-leaks-users-pii-and-theres-not-much-they-can-do-about-it
#apple #mac #iphone #airdrop #vulnerability
📡 @nogoolag 📡 @blackbox_archiv
Ars Technica
Apple’s AirDrop leaks users’ PII, and there’s not much they can do about it
Apple has known of the flaw since 2019 but has yet to acknowledge or fix it.
The Fortnite Trial Is Exposing Details About the Biggest iPhone Hack on Record
via www.vice.com
#iphone #hack #fortnite
via www.vice.com
#iphone #hack #fortnite
Telegraph
The Fortnite Trial Is Exposing Details About the Biggest iPhone Hack on Record
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet. See More → In 2015, unknown hackers snuck malware onto thousands of apps on the iPhone App Store. At the time, researchers believed…
The latest leaks from WikiLeaks’ Vault 7 is titled “Dark Matter” and claims that the CIA has been bugging “factory fresh” iPhones since at least 2008 through suppliers. These documents explain the techniques used by CIA to gain ‘persistence’ on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.
https://thefreethoughtproject.com/wikileaks-releases-nightskies-1-2-proof-cia-bugs-iphones/
#CIA #iPhone #ciaPhone
https://thefreethoughtproject.com/wikileaks-releases-nightskies-1-2-proof-cia-bugs-iphones/
#CIA #iPhone #ciaPhone
Drivers licenses in Florida going digital for iphone users. One step closer to total digital living.... #Barcodes #DriversLicense We are getting closer and closer to not being able to buy and sell the old school way.. https://macdailynews.com/2021/10/14/florida-is-the-next-u-s-state-to-allow-digital-drivers-license-on-iphone-and-apple-watch/
#id #qr #iphone #apple #watch
#id #qr #iphone #apple #watch
MacDailyNews
Florida is the next U.S. state to allow digital driver’s license on iPhone and Apple Watch
Florida looks to be the next state to allow users to add their driver's license to their iPhone. Those who've settled for pretend iPhones…
This media is not supported in your browser
VIEW IN TELEGRAM
Little tool can crash an #iPhone running iOS 17
Security researchers have discovered that iPhones updated to #iOS 17 are susceptible to a Bluetooth attack using a #Flipper Zero device that can crash the phone
https://www.theverge.com/2023/11/3/23944901/apple-iphone-ios-17-flipper-zero-attack-bluetooth
Comments
Security researchers have discovered that iPhones updated to #iOS 17 are susceptible to a Bluetooth attack using a #Flipper Zero device that can crash the phone
https://www.theverge.com/2023/11/3/23944901/apple-iphone-ios-17-flipper-zero-attack-bluetooth
Comments
The Verge
This little tool can crash an iPhone running iOS 17
iOS 17 appears to have allowed iPhones to be attacked via Bluetooth.
4-year campaign backdoored iPhones using possibly the most advanced exploit ever
"Triangulation" infected dozens of iPhones belonging to employees of Moscow-based Kaspersky.
Researchers on Wednesday presented intriguing new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.
“The exploit's sophistication and the feature's obscurity suggest the attackers had advanced technical capabilities,” Kaspersky researcher Boris Larin wrote in an email. “Our analysis hasn't revealed how they became aware of this feature, but we're exploring all possibilities, including accidental disclosure in past firmware or source code releases. They may also have stumbled upon it through hardware reverse engineering.”
Four zero-days exploited for years
...
https://arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/
#iphone #apple #backdoor
"Triangulation" infected dozens of iPhones belonging to employees of Moscow-based Kaspersky.
Researchers on Wednesday presented intriguing new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.
“The exploit's sophistication and the feature's obscurity suggest the attackers had advanced technical capabilities,” Kaspersky researcher Boris Larin wrote in an email. “Our analysis hasn't revealed how they became aware of this feature, but we're exploring all possibilities, including accidental disclosure in past firmware or source code releases. They may also have stumbled upon it through hardware reverse engineering.”
Four zero-days exploited for years
...
https://arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/
#iphone #apple #backdoor
Ars Technica
4-year campaign backdoored iPhones using possibly the most advanced exploit ever
"Triangulation" infected dozens of iPhones belonging to employees of Moscow-based Kaspersky.
Forwarded from Pegasus NSO & other spyware
"Is Pegasus 2.0 coming?
Apple warns some Indian users their iPhone may be bugged by Pegasus-type spyware | Technology News - The Indian Express -
#Pegasus #NSO #Apple #iPhone #India #Spyware
Apple warns iPhone users in India and 91 other countries about potential spyware attacks. The company previously sent similar warnings to Indian politicians, suggesting possible state-sponsored spyware attacks."Apple warns some Indian users their iPhone may be bugged by Pegasus-type spyware | Technology News - The Indian Express -
#Pegasus #NSO #Apple #iPhone #India #Spyware
#WhatsApp, #Signal and #Telegram among apps cut from #iPhone app store to comply with censorship demand
#China ordered #Apple to remove some of the world’s most popular chat messaging apps from its app store in the country, the latest example of censorship demands on the iPhone seller in the company’s second-biggest market.
https://www.wsj.com/tech/apple-removes-whatsapp-threads-from-china-app-store-on-government-orders-a0c02100
#China ordered #Apple to remove some of the world’s most popular chat messaging apps from its app store in the country, the latest example of censorship demands on the iPhone seller in the company’s second-biggest market.
https://www.wsj.com/tech/apple-removes-whatsapp-threads-from-china-app-store-on-government-orders-a0c02100
The Wall Street Journal
Exclusive | China Orders Apple to Remove Popular Messaging Apps
WhatsApp, Signal and Telegram among apps cut from iPhone app store to comply with censorship demand.
📱 Critical zero-click vulnerability (CVE-2025-55177) within #WhatsApp has been leveraged in targeted #spyware operations, in conjunction with an #Apple Imagel0 flaw (CVE-2025-43300).
The attack sequence involved:
🚫Attacker-controlled delivery
🚫Malicious DNG/remote image (Imagel0) parsing vulnerability (OOB write)
➿ Remote code execution
https://techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/
https://blog.quarkslab.com/patch-analysis-of-Apple-iOS-CVE-2025-43300.html
#iphone #ios
This combination enabled malicious actors to disseminate exploits via WhatsApp, resulting in potential data exfiltration from the user's Apple device.
The attack sequence involved:
🚫Attacker-controlled delivery
🚫Malicious DNG/remote image (Imagel0) parsing vulnerability (OOB write)
➿ Remote code execution
All occurring without user engagement.https://techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/
https://blog.quarkslab.com/patch-analysis-of-Apple-iOS-CVE-2025-43300.html
#iphone #ios
TechCrunch
WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch
A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs.
Forwarded from Pegasus NSO & other spyware
Reminder : Apple’s new iPhone comes with Israeli chips – and a hailstorm of memes When Apple unveiled its new iPhone 17e — positioned as a “budget” model with better battery life — it unleashed a wave of dark humor online.
The reason is because two of the phone’s connectivity chips — the C1X modem and N1 wireless chip — were developed with help from Apple’s R&D center in Israel. Considering Israel’s cyber rap sheet, who can blame social media for viral comments like:
“Can I get the iphone without the exploding back door" (a nod to the 2024 Israeli Operation Grim Beeper pager attacks in Lebanon
“Israel will now be able to monitor ALL iPhone users in real time”
Amid claims that Apple secretly struck a deal with the Israeli government — and warnings the phone could double as a surveillance tool — the panic is rooted in Israel’s Apple's notoriously deep ties to Israel.
In January 2026, Apple spent nearly $2 billion on Israeli startup Q.ai — acquiring tech capable of detecting whispers, emotions, heart rates and even unspoken words through tiny facial movements
Each acquisition was founded by veterans of IOF Unit 8200, Unit 81, or the Israeli Air Force that coordinate mass surveillance
In 2022, former NSO Group employees alleged that Mossad officials visited NSO’s Herzliya headquarters to request that its spyware Pegasus be used to hack phones “off the books”
The US blacklisted NSO in 2021, but a chip designed in that ecosystem is a hard pass for many.
Your iPhone is sponsored by the IOF: Apple's billion-dollar bet on Israeli surveillance
In January 2026, Apple paid nearly $2 billion for Israeli startup Q ai — its second-largest acquisition ever. The technology it bought can read whispers, emotions, heart rate, and even unspoken words through barely noticeable facial movements.
Apple's deep ties to Israel
Apple's second-largest R&D center is in Herzliya, Israel, where hundreds of engineers develop key technologies for iPhone, Apple Watch, and Vision Pro. The company has acquired six Israeli firms: Anobit ($390M), PrimeSense ($360M, the basis for FaceID), LinX ($20M, iPhone cameras), Realface, Camerai, and Q ai (nearly $2B).
Military origins
Each was founded by veterans of IOF Unit 8200, Unit 81, or the Israeli Air Force — units that coordinate mass surveillance and airstrikes on Gaza. The founders of Q ai — Aviad Maizels, Yonatan Wexler, and Avi Barliya — served in those exact same cyberwarfare units.
30% of Q ai's employees were called up to participate in the Gaza military campaign. By closing the deal, Apple brought dozens of soldiers linked to combat operations into its global workforce.
Silent speech technology
Q ai's technology reads micro-movements of facial skin, detecting whispered speech, emotions, pulse, and respiration — without a single word spoken. The company has filed a patent for a system that identifies words through lip movements and skin micro-vibrations, working even in complete silence.
Apple plans to integrate this into headphones and glasses for hands-free Siri control — but the same algorithms allow militaries to interrogate more effectively. It is a classic dual-use tool.
Ignored condemnation
Human rights group Skyline International condemned Apple's purchase, calling it "rewarding technology born of the Gaza genocide." The group urged BlackRock and Vanguard to freeze the deal pending an independent audit, but the call was ignored.
Beyond the deal
Apple made headlines last week when Apple Maps stopped displaying village names in southern Lebanon — the same region Israel is currently invading as part of the broader conflict against Iran.
The US provides Israel with $3.8 billion in annual military aid — over $300 billion total since 1946, indirectly supporting its tech sector. Until recently, Apple's offices sat next to NSO Group, the creators of Pegasus spyware, though NSO moved to another part of Tel Aviv in 2024
@geopolitics_prime
#C1Xchip #Q #Apple #iPhone #NSO #Mossad #Qai #Unit8200 #BackDoor
#Hardware | #GrimBeeperPager => https://t.me/pegasus_nso_n_other_spyware/322