This is somewhat worrying.
A newly announced iOS exploit could lead to a permanent, unblock able jailbreak on hundreds of millions of iPhones. Per a security research team known as “axi0mX,” the exploit, dubbed “checkm8,” functions as a bootroom vulnerability that could give hackers deep access to iOS devices on a level that Apple would be unable to block or patch out with a future software update.
According to the tweet, “Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). “
The exploit functions as a bootrom exploit, allowing it to take advantage of extremely low level initial code that iOS devices load when they boot up. Since it’s ROM (read-only memory), it can’t be overwritten or patched by Apple through a software update, so it’s here to stay. It’s the first bootrom-level exploit publicly released for an iOS device since the iPhone 4, which was released almost a decade ago.
After a follow-up tweet, axi0mX stated that the exploit was released given that a “bootrom exploit for older devices makes iOS better for everyone. Jailbreakers and tweak developers will be able to jailbreak their phones on latest version, and they will not need to stay on older iOS versions waiting for a jailbreak. They will be safer.”
As of now, any device starting with the iPhone 4S, which features the A5 processor, through the iPhone 8 and the iPhone X, which features an A11 chip, is vulernable. Apple was able to patch the flaw in the A12 processors, meaning that iPhone XS / XR and 11 / 11 Pro devices won’t be affected.
Apple did not respond to a request for comment.
While there’s no actual jailbreak available yet, the exploit is known as a “tethered” exploit for the time being, meaning it can only be triggered via USB. An “untethered” jailbreak, which could be activated without a USB connection, could also be possible.
Should the exploit be used by nefarious actors, features such as iCloud account locks, or poisoned versions of iOS that steal user information, could be possible somewhere down the like. While Apple can patch the bootrom for its newer devices, the hundreds of millions of iPhones already out there can’t be patched without replacing hardware.
While all of this is occurring, the value of iOS exploits has also risen greatly, with Apple’s bug bounty program paying for exploits and shadier groups looking to use them to hack iOS devices. That means there’s less incentive for developers who do find jailbreakable exploits to release them.
Stay tuned for additional details as they become available.