Is it possible to hack an iPhone if internet sharing is enabled on the phone?


clemens

After I allowed someone to use my mobile network through internet sharing on my iPhone, I feel that both my phone and my brand new Apple Watch Ultra 2 are acting strangely.

The man only had access for 5 minutes MAX, and it was only internet sharing; he did not have the phone in his hand.

Of course, it could just be a coincidence.

 
Ask yourself how high-profile a target you are.
If you are really, really high, then this is possible, since it would be an easier vector than SMS/WhatsApp message rooting/jailbreaking.

On the other hand, after a hack like that you wouldn't be able to tell anything 🙂
 
So you mean it is not possible to do so in 5 minutes with an iPhone from an average guy hanging around in the local gym?
 
thank you, interesting link

he looked like this guy with my phone
 
He came over to me one morning and said his phone had no network anymore, assuming his data was used up, and asked if I could share my internet with him. I said that I could, but only for 5 minutes, no more. I see him every morning... but never talk to him.
 
Are you getting any strange "enter iCloud password" prompts? Also, what do you mean by the phone acting strangely?
 
Well, my answer to the question in the thread title is: for sure.

From an average guy likely not. IMO. But are you sure that it was an average guy? He need not be an agent of Mossad, just IT skilled.

Of course. I am saying. Some person with a life experience in security (not necessarily three letter agencies) would say there are no coincidences 😉
 
Well, @0xDEADBEEF is IT skilled as you said, let's ask him if he could do it if he wanted 🙂

Exploits like that are patched very fast after they become public.
Zero days are expensive, rare...
 
iOS is quite safe, definitely much safer than a common Android; but it is a closed proprietary system. 99% of the general public know literally nothing about the current situation with exploits; and the people who are insiders are (understandably) very restrained in publishing anything.

Well, I agree that @0xDEADBEEF can give some valuable insight into this.
 
No, it's that some applications don't load properly (I've restarted the phone several times) and then suddenly it makes these strange click vibrations when you swipe through the pages on the main screen. And today, my Apple Watch went crazy, it wouldn't start Spotify, and it just kept loading when I set it to GYM mode... I've also reset the watch, and so far it works again.
 
This seems interesting. Is it possible? Definitely possible as long as there are mercenaries performing offensive security work and governments financing those activities. Feasible? It depends on whether you are working on something that might impact or benefit a powerful adversary. In 99 out of 100 cases, it would be a nation-state threat actor performing such an attack. It might not be their tools or personnel, but it will definitely be for their own motivations.

The way it works is that your phone sets up a small private network and acts as the gateway for his connections. This means you technically have more opportunities to perform an adversary-in-the-middle attack where you could manipulate his connections. However, you also open up your phone and some services to his device. While it’s possible, he would need some sort of delivery method on his device as well. So, if something like this occurred, you would be dealing with a very skilled adversary.

As Sergey says, zero days are very expensive and, unfortunately, rare for the public. There is definitely a lot of business going around selling these exploits, so you should be really objective about your identity, your activities and whether there is some benefit to bringing out the big guns and bucks to compromise you.

But you should also define what you constitute as strange behavior (how are the applications not loading? Do they appear blank, shut down, make your phone freeze?), because you are mentioning it on your phone and your watch. Funnily enough, I met a well-known forensic expert a while ago who mentioned to me that they (law enforcement) already have methods to extract data from Apple Watches with just access to the iPhone for forensic investigations. I have not done a deep dive into this, but if you are able to perform forensics this way, then it is safe to say that ‘hopping’ devices is also possible.

Normally, I would say do not touch your device and see a forensic expert who specializes in mobile devices ASAP, but that might not be easy to find in your case, nor would you perhaps be willing to pay a hefty amount for a deep dive that might not have been needed.

So I can also recommend you do the following:

• Disconnect any shared networks (WiFi/Ethernet) where the devices could potentially connect to other devices.
• Persistence is key in most attacks and actually way harder to pull off on iOS. As mentioned, you have already rebooted your device. You could potentially have wiped some valuable evidence because of this; for instance, information about how the attack occurred could be stored here. But if the attacker already has established persistence, this won’t matter as the malicious code will probably appear in memory again.
• Attackers have used the Shortcuts app on iOS in the past; this could be used to configure certain triggers to run a malicious executable again to help an attacker connect to your device. If you use the app, try to see whether unknown automations have appeared in the Shortcuts app.
• Also, I think you mentioned somewhere that you were in IT. What you could potentially do is set up your own DNS server and configure it as the DNS server for the iPhone. This way, you can also see what connections your devices make and identify any anomalies in the connections, assuming they connect to a C2 (Command & Control) server via HTTP/DNS.

The good news is, you do not have Android, where it is much easier to trick you into giving more privileges to attackers.
 
@0xDEADBEEF, I admit I am not familiar with iOS (fortunately, since some time, I have not been forced to touch any non-free system even with a meter pole), so just an incompetent question: isn't there such a trick as Factory Reset, which brings a device back to the original factory status and settings? Of course it would be necessary afterwards to restore personal settings from backup or redo it (the latter is probably a nightmare); but it might be a safe(?) solution?
 
I can do that and give it a try.

Thank you very much for your very detailed explanation of this whole mess. So much for being kind and sharing your WiFi on the phone for just 5 minutes.

I no longer take my phone to the gym, which is why I bought this Apple Watch, but if the jerk has access to the watch, it's almost the same... However, I can throw the watch away and buy a new one since there's nothing special installed on it. It's worse with the phone. What do you think it would cost to get a phone checked? And who could you imagine could do such a thing?
 
Good question! Restoring the system to a vulnerable state could provide only a temporary solution. It’s safe to assume that any adversary who has already targeted your device might have gathered specific information that could make future attacks easier. Additionally, spyware on iOS has been known to trick users into believing a device has been turned off, while still operating in the background. So some behaviour has been observed in regards to tricking users into believing the phone is in a certain state while it is not.

I’m not entirely familiar with the exact processes at a file system level during a factory reset on an iPhone. However, I imagine that malicious code could be hidden in a system partition that is not wiped during the reset. If the attacker has root privileges on the device, they could potentially embed the code deeply enough to survive a factory reset. But I find this pretty hard to pull off, since Apple has a lot of integrity checks integrated, especially since the latest spyware campaigns.

But even in most enterprise environments I am used to just swapping devices when an attack has occurred and then sending the device back to the vendor. So I would always advise to get a fresh device and not touch the compromised device as there is some juicy information on there that could help find the narrative of the attack.

I’m just estimating here, but I know that standard forensic services, such as collecting data from mobile devices, typically cost between 1500 to 2500 euros for the full package. This includes reporting with expert interpretation if needed for a court hearing. This process generally involves plugging the device into a forensic tool, analyzing the data, and producing a useful report, with the expert being willing to testify in court if necessary. For a deeper dive, the costs will probably start around 5000 to 6000 euros, as this would involve an actual expert conducting a thorough investigation. Keep in mind that this also means providing your device as-is, so your private data will be examined.

You might want to look around in your region for a cybersecurity company that offers Incident Response services coupled with digital forensics. Keywords to search for include Digital Forensics, Incident Response, Mobile Forensics, and Incident Response Specialists. Often, you will find skilled professionals who can either assist you or refer you to someone who can.

However, the likelihood of you being targeted is quite small. I understand your concern, as I would be cautious in this situation too. Often, setting up your own DNS or a private network where you can perform Deep Packet Inspection (DPI) to monitor for unusual activity can be sufficient. Why? Your network never lies. If an attacker has compromised your device, there must be a way for them to communicate with the outside world. By creating a network with extensive logging and ensuring every connection on your device passes through it, you can perform some network forensics. Depending on your experience, you might not have the skills for a deep dive, but this will help you collect evidence if you decide to consult a specialist. And who knows, maybe the data will show that nothing suspicious is happening.
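
The DNS-logging idea from the posts above, as an added example that is not part of the original thread: a small reviewer for resolver logs that flags names outside a known-good baseline, long random-looking labels, and fixed-interval lookups. It assumes the resolver is dnsmasq with `log-queries` enabled and a log covering a single day; the sample log, IP addresses, baseline list and thresholds are constructed for illustration.

```python
import math
import re
import statistics
from collections import Counter, defaultdict

# dnsmasq "log-queries" line: "<time> dnsmasq[pid]: query[A] name from client-ip"
LINE = re.compile(r"(\d\d):(\d\d):(\d\d) dnsmasq\[\d+\]: query\[\w+\] (\S+) from (\S+)")

def parse(lines):
    """Yield (seconds_since_midnight, client, name) for each query line."""
    for line in lines:
        m = LINE.search(line)
        if m:
            h, mi, s, name, client = m.groups()
            yield int(h) * 3600 + int(mi) * 60 + int(s), client, name.lower().rstrip(".")

def entropy(label):
    """Shannon entropy, in bits per character, of one DNS label."""
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in Counter(label).values())

def review(lines, device_ip, known_suffixes, min_hits=4, max_jitter=2.0):
    """Return {name: [reasons]} for queries from device_ip that deserve a look."""
    times = defaultdict(list)
    for ts, client, name in parse(lines):
        if client == device_ip:
            times[name].append(ts)
    findings = defaultdict(list)
    for name, seen in times.items():
        if not any(name == s or name.endswith("." + s) for s in known_suffixes):
            findings[name].append("not in baseline")
        first = name.split(".")[0]
        if len(first) >= 16 and entropy(first) > 3.5:
            findings[name].append("long high-entropy label")
        gaps = [b - a for a, b in zip(seen, seen[1:])]
        if len(gaps) >= min_hits - 1 and gaps and statistics.pstdev(gaps) <= max_jitter:
            findings[name].append(f"regular interval ~{round(statistics.mean(gaps))}s")
    return dict(findings)

# Constructed sample log (not real traffic); 192.168.50.20 stands for the iPhone.
BASELINE = {"icloud.com", "apple.com", "spotify.com"}  # assumed known-good suffixes
SAMPLE = """\
Jan  5 09:00:01 dnsmasq[411]: query[A] gateway.icloud.com from 192.168.50.20
Jan  5 09:00:10 dnsmasq[411]: query[A] cdn-sync.example.net from 192.168.50.20
Jan  5 09:05:10 dnsmasq[411]: query[A] cdn-sync.example.net from 192.168.50.20
Jan  5 09:07:33 dnsmasq[411]: query[TXT] k3x9q7zt2mfp8w1vb6ry.example.org from 192.168.50.20
Jan  5 09:10:11 dnsmasq[411]: query[A] cdn-sync.example.net from 192.168.50.20
Jan  5 09:12:00 dnsmasq[411]: query[A] tracker.example.com from 192.168.50.30
Jan  5 09:15:10 dnsmasq[411]: query[A] cdn-sync.example.net from 192.168.50.20
""".splitlines()
```

A flagged name is only a lead to look into: plenty of legitimate apps poll on fixed timers, so the baseline has to be built from the device's own normal traffic first.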
 
For sure.

Wow.

The only comment from me:
If any writable partition is not wiped during the reset then I do not call this operation safe.
My imagination about the factory reset was “everything is wiped except some ROM (not EPROM) and then the necessary applications and settings are restored, probably partially via download” (like if you are installing some free OS from a “net” ISO image).

In the case that you have described, definitely.

Yes. But – who knows 😉 🙁

I second this.

So would I, naturally.

An excellent analysis and recommendation!
 
Eh, perhaps one more naïve question – @0xDEADBEEF or anyone else familiar with the Apple environment (sorry 🙁 but I have almost no clue how the Apple sales and customer care network works):
Isn't it possible to come to some Apple Store or Service Center and say “Hi guys, I am a moron and allowed a real mess on my nice phone to arise; could you please rid me of all this and reinstall the system?” and they reinstall the system from scratch, wiping all (perhaps but ROM)? (Of course for some lump sum but probably for less than a new phone costs, not even mentioning the forensic analysis.)
It's apparently not the best solution for @clemens but just generally...
 