Checkm8 is the latest malware threat to target the once-impenetrable iPhone. The exploit infiltrates iOS devices through a USB connection and poses a significant threat to anyone using public charging stations (like those found in airports).
Worryingly, the researcher who discovered it believes it’s un-patchable. Yikes. Here’s what you need to know.
What is ‘Checkm8’ and how does it work?
The exploit, called Checkm8, was discovered by axi0mX and publicly disclosed on Twitter on 27 September. The researcher said both iPhones and iPads featuring the A5 chip right through to the A11 chip are vulnerable. That means the iPhone 4S to the iPhone 8 and iPhone X or, in other words, a mountain of mobile phones.
EPIC JAILBREAK: Introducing checkm8 (read “checkmate”), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG
— axi0mX (@axi0mX) September 27, 2019
The exploit works by attacking the bootROM, the startup function on an iPhone or iPad, allowing the phone to be jailbroken, according to ThreatPost. Because that particular part of the device is read-only, it can’t be patched.
Once a device has been jailbroken, hackers could install malware. The saving grace is that the vulnerability can only be exploited via a USB connection, although in theory the exploit could be installed in public charging ports around the world. What’s not clear, however, is whether the hacking could continue after the affected phone has been removed from the USB connection.
How likely is it to infect my phone?
As with all malware alerts, the likelihood is not always extremely high but anything more than a zero per cent chance needs to be treated with caution, especially seeing as this particular exploit is un-patchable. Thankfully, axi0mX has not released the full version publicly, just a part of it so other hackers and researchers can better understand how to solve the issue.
2/ What I am releasing today is not a full jailbreak with Cydia, just an exploit. Researchers and developers can use it to dump SecureROM, decrypt keybags with AES engine, and demote the device to enable JTAG. You still need additional hardware and software to use JTAG.
— axi0mX (@axi0mX) September 27, 2019
What should I do?
The easy solution is to not use public charging ports but we all recognise that’s not a good solution. Since the malware requires a direct USB connection to your phone, you could charge a power bank or a laptop and then charge your phone through that. For now, it’s not publicly available so you can stress a little less but it’s always good to be wary of these potential issues because the future’s a scary place sometimes.