Towards the end of last month, Google’s elite bug-hunting team, Project Zero, released a report on malicious websites hijacking iPhones. That was not as serious as it sounded, since a simple reboot was enough to remove the attacker’s access to the device.
However, in the latest development, a researcher going by the name axi0mX has discovered a new exploit for iPhone jailbreaking. According to the researcher, the new exploit could lead to a permanent unpatchable jailbreak of millions of iPhone devices.
The exploit, named “checkm8,” is a bootrom exploit that gives low-level access to older iOS devices. It takes advantage of a vulnerability in the very first code an iOS device runs when it boots. Because that code lives in the read-only bootrom of the iPhone, Apple cannot fix it with a software update. As axi0mX puts it, this is “a permanent unpatchable bootrom exploit.”
EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG
— axi0mX@infosec.exchange (@axi0mX) September 27, 2019
Checkm8 affects hundreds of millions of iPhones, from the older iPhone 4S through the iPhone 8 and iPhone X. The iPhone XS / XR and 11 / 11 Pro are the lucky ones: those devices are not affected by the exploit.
Still, the exploit requires physical access to an iPhone, since it has to be carried out over USB. So, although hundreds of millions of iPhones are vulnerable, they cannot be jailbroken while that physical barrier remains in place.
So far, no jailbreak has actually been built on checkm8. But since the tool is now publicly available, the author sees potential for it to be developed further to perform jailbreaks even without physical access.