W When first cnecting an iPhe to a computer, you often see a pop-up window that says "Trust This Computer?". And even though the prompt may seem innocuous, new research suggests that it might have
Symantec security researchers uncovered a whole new class of iOS attacks that exploit the "Trust" setting ", according to Wired . As the report reported Wednesday, as so as a user chooses to "trust" a computer, they could open their device to a wide range of digital attacks that researchers call "trustjacking."
"ce this trust is established everything is possible", Symantec SVP Adi Sharabani says Wired . "He introduces a new vector of attack."
As the cybersecurity company points out, these attacks can range from exploits deployed when an iPhe is cnected to the same Wi-Fi network as a hacker. But there are remote attacks that can target a device even if they are separate.
The security firm's research focuses a little-known feature called iTunes Wi-Fi Sync. True to its name, this feature essentially allows iOS devices to sync with a desktop iTunes applicati over a Wi-Fi network. When an iPhe receives the order to "trust" a computer, the two devices can then synchrize and communicate with each other when they are the same network – without any further interventi or approval by the user
. door, "attackers could install malicious computer systems in public places, such as a charging stati or a hotel lobby computer." This could cause iOS users to plug in their devices. iPhe and inadvertently trust these systems.
When this trust is established, attackers can use the Wi-Fi Sync feature to abuse the basic sync or even access the developer's commands. could then deploy malicious software, surreptitiously collect data through a backup or even spy a user's screen by taking screenshots remotely.
Sharabani said Wired that …