
McAfee Details Remote iPad Hack in Mobile Security Demonstration

McAfee has published a paper detailing an attack on the Apple iPad to highlight the challenges facing mobile device security.


The paper is based on research McAfee presented in October at its FOCUS 11 conference and demonstrates how an attacker can use a man-in-the-middle attack to compromise an iPad and install malware. At the RSA Conference last week, the company took it a step further – showing how a person’s iPad can be compromised if they were to log on to WiFi using a rogue access point. From there, an attacker launching a man-in-the-middle (MitM) attack would inject an iFrame into whatever site the user visits.

The next step is to jailbreak the device and install malware capable of giving attackers long-term access to the machine, explained Ryan Permeh, principal security architect in the office of the CTO at McAfee.

“It’s very silently jailbroken in a way that the user of the device does not actually even know that he’s been jailbroken,” he said. “Once we’ve silently jailbroken the device, we use that as a platform to install malicious software.”

In the demonstration at the RSA Conference, that malware is a remote access Trojan that would give an attacker the ability to remotely control the device. Permeh said users should make sure their operating system version is up-to-date, and be cautious when using public WiFi. Consumers should also look to add antivirus protection to their mobile devices, he said.

The paper, which showcases the attack demonstrated at FOCUS, can be viewed here. Mobile security was a hot topic at the RSA Conference, and was the subject of a brand new track. Former McAfee executives George Kurtz and Dmitri Alperovitch – now co-founders of the firm CrowdStrike – exploited a zero-day vulnerability in the Webkit browser engine in order to compromise a Google Android phone.

When asked what companies can do to build better user buy-in for mobile security, Webroot Mobile Threat Research Analyst Armando Orozco told SecurityWeek that “education is key.”

Resource: Mitigation of Security Vulnerabilities on Android & Other Open Handset Platforms

“We don’t think users fully understand just how much is stored on their devices, or everywhere they connect,” he said. “The best way to get them to buy in is through education with real world examples.”

Two vulnerabilities exploited to conduct the attack have been fixed in recent versions of Apple’s iOS, though McAfee notes that many users have not upgraded their iPads for various reasons, from simple ignorance to wanting to jailbreak their devices.

“The exact same attacks work just as well against iPhones and iPod touch,” Permeh told SecurityWeek. “It’s slightly less likely to have an iPhone connect to a rogue wireless because it typically has a 3G connection to access the internet. This doesn’t mean that no iPhones would connect, I just suspect the percentage might be lower than that of iPads. This might be changing with the carriers moving to metered data plans, so there may be more need for access via hotspot, particularly in regards to things like streaming media.”

“The Apple iOS is more secure than many other operating systems, but it’s not impenetrable,” the paper concludes. “For this hack, it didn’t matter whether the victim was using SSL. All we needed was an unaware or unconcerned victim.”
