This Unpatchable Exploit On iOS Could Allow Jailbreaking On Millions Of iPhones

According to a newly-released study by researcher axi0mX, there is a new iOS exploit that can cause an unlockable and permanent jailbreak on millions of iPhones. The exploit is called checkm8, and it can give hackers so deep an access to Apple’s devices that the company cannot patch or block it even with software updates.

This is a bootrom exploit, so it will abuse a security vulnerability of the code that iOS devices load whenever they boot up. It is also ROM (short for read-only memory), so there is no way for Apple to overwrite or patch it with a software update. Ever since the iPhone 4 launched over ten years ago, this is the first bootrom exploit to be uncovered publicly.

Millions of devices can fall victim of an attack based on this exploit, from iPhone 4S all the way to iPhone X. Apple has patched it for A12 processor, so iPhone X, XR, iPhone 11, and 11 Pro variants are safe.

We have not had a jailbreak yet, so for now, you cannot use a tool to crack the device and then downloading modifications and apps for iOS. More importantly, a jailbreak now is not practical as the exploit can only be triggered over USB. And each time you want to enable it, you will have to do so via a computer.

This exploit can cause some security concerns. Bad actors can take advantage of it to trick users into installing a poisoned version of iOS that can steal their data or to circumvent the account locks of Apple iCloud, which is now used to make lost or stolen devices useless.

In recent years, the value of iOS exploits has increased a lot with Apple releasing bug bounty program, meaning developers will have less incentive to release them when they find out about them. Some recent exploits have downed the price for iOS to $2 million in comparison with $2.5 million for Android.

There are people who want complete control over their iOS devices, but since we have less and less major exploits now and a decrease in demand has made this community become stagnate. Besides, other workarounds like AltStore will allow users to install unsanctioned apps without jailbreaking. So why bother with the hard way when you have an easier solution to achieve what you want?

This is not the only development in jailbreaking for iOS. This year’s summer saw Apple unintentionally unpatched an iOS’s vulnerability, making jailbreaking newer devices possible for the first time in many years. While the company acted quickly to fix this, a wave of jailbreaking has arisen.

Now is just too early to conclude that checkm8 will open up a new era for jailbreaking iPhones, but the folks on the jailbreaking subreddit show a lot of optimism. One of them even referred to this as the biggest thing ever happened to jailbreak given the enormous scope of it.

Given how far and large this exploits can get and its nature, it is something the company will have to monitor closely in the future.