Hundreds of millions of iPhones are at risk of permanent jailbreaking!

30 October 2019

checkm8: the new iOS bootrom exploit

A researcher known on Twitter as axi0mX recently discovered an iOS exploit called “checkm8”. This could lead to an unblockable jailbreak on hundreds of millions of Apple devices ranging from iPhone 4S to iPhone X.

Bootrom vulnerability

Checkm8 is a bootrom exploit, so called because it exploits a security flaw in the code that iOS devices load while booting up. This vulnerability could give cybercriminals a far greater level of access to iOS devices. Furthermore, the bootrom is read-only memory (ROM), which means Apple won’t be able to block it with new software. Therefore, it could be around for a very long time.

For iPhone hackers, this is big news. It’s the first iOS bootrom exploit since iPhone 4 was released 10 years ago.

So far, there’s no jailbreak. So, you cannot just access a tool, crack an iPhone and download apps and modifications to the operating system.

The vulnerability is currently a “tethered” exploit, since it needs to be triggered via USB and must be enabled by a computer, effectively limiting its potential for a useful jailbreak.

However, there’s every possibility that this exploit will lead to an untethered jailbreak.

Potential scenarios

Permanently jailbroken iPhones

Downgradeable iOS devices

Dual-booting between different versions of iOS

Security issues

Cybercriminals could exploit checkm8 to overcome the account locks on iPhones, which are designed to stop other people accessing someone’s iPhone if it’s lost or stolen. The vulnerability could also be used to install rogue operating systems that steal data.

Although jailbreaking iPhones is no longer big business – especially now iOS has a much wider range of features – there’s the potential for checkm8 to reinvigorate the jailbreaking community.

Could this be the start of a new era of iPhone hacking?

“Specialising in mobile security, Appurity’s experts work with our customers to remediate and protect against checkm8 and other vulnerabilities. On-device threat defence solutions provide protection against actions an attacker may take on a compromised device. Appurity will be assisting our clients to make sure their threat defence policies are up to date and organisational policies or processes are in place for any devices that are out of a user’s control for a given amount of time.”

Tim Dinsmore, Technical Director at Appurity

Safeguard your mobile workforce

The good news is, Appurity and Lookout can help you to protect your mobile workers from bootrom exploits like checkm8.

Our threat defence products

Samsung’s Knox platform brings best-in-class hardware-based security, policy management, and compliance capabilities beyond the standard features available in today’s mobile device market.

MobileIron Threat Defence

MobileIron Threat Defense allows you to fully secure corporate and employee-owned devices. This will make your people more productive and protect their mobile devices against advanced threats. 


Desktops are being replaced by mobile endpoints, and data centres are moving workloads to the cloud. As a result, the traditional enterprise perimeter no longer exists. This shift means organisations must think differently about security.


Lookout protects mobility for some of the world’s largest enterprises, critical government agencies, and tens of millions of individuals worldwide. They’ve achieved this by partnering with leaders in the mobile ecosystem globally, and they’re only getting started.

