What is Trustjacking? The iOS Exploit that Allows for Remote Control

Ule Lopez

April 19, 2018

Hoo boy, a new vulnerability has come up for iPhone users everywhere. In today’s day and age where the biggest concern is privacy, we shouldn’t take any sort of vulnerability that can result in other users taking control of our devices lightly. As such, we’re going to take a few moments to explain what’s the latest iOS vulnerability, TrustJacking.

iTunes Wi-Fi Sync is all that’s needed in order to allow any malicious actors to gain control over iOS devices. It also allows them to record and control any and all sort of activities remotely. And yes, this is a problem that has been spreading on mobile phones before, not even Android users were safe from this.

Despite the fact that iTunes Wi-Fi Sync is pretty useful for many iOS users considering the fact it allows them to sync the devices without the need of cables. There are also other features that Wi-Fi Sync offers such as access the photos on the device, perform backups, and install apps. However, the iOS device user never gets notified about this on their phone.

This is what happens when a malicious actor wants to make their move. Once the victim and the attackers are connected to the same network, a vague prompt asking whether or not to trust the computer pops up. If the victim allows this computer to be trusted, they are pretty much allowing the malefactor to record activity without the victim knowing.

Not to mention, even if you have disconnected the device from the malicious computer. The user can enable the iTunes Wi-Fi Sync feature, regardless of whether or not the victim authorizes it. Basically, once the user chooses to trust the malicious computer. They can get any and all sort of access to the affected party’s iPhone device, gathering data from them or even installing virus apps.

Apple sort-of-but-didn’t address this issue by adding a mechanism that ensures the real owner of the iOS device chooses whether or not to trust this computer. However, there isn’t a way to choose to “Untrust” previously selected computers and the prompt is still vague so this really isn’t a solution more like a bandaid.

The best way to ensure that no unwanted computers are being trusted by your iOS device is to clean the trusted computers list by going to Settings > General > Reset > Reset Location & Privacy. Afterwards any and all affected users can pretty much start from scratch and cautiously re-authorize other computers for data access to their iOS device.

This exploit was discovered by Symantec and they are working hard to keep users informed about Trustjacking in iOS devices. I’d suggest you take a full read at their article which explains the situation in more depth. I also would recommend to refrain from using iTunes Wi-Fi Sync for the time being until it’s better implemented by Apple.