A hacker has demonstrated a vulnerability in Apple’s air drop function.
The hack allows a malicious tool to be sent to any locked device that has air drop switched on. The tool lays dormant until the device is rebooted and then replaces the phone function with a hello world screen. This is obviously a big deal as it could have been created to do much worse.
The AirDrop bug can be used to target people wirelessly in close proximity and is also useful for lock-screen bypass, The Australian researcher Mark Dowd, who heads up Azimuth Security, told FORBES the exploit would still work if the victim rejected an incoming AirDrop file, and the flaw allowed anyone within range of an AirDrop user to install malware on a target device and tweak iOS settings.
The bug affects all devices from iOS 7 and upwards but has been fixed in iOS 9, for those however who do not want to update to the latest iOS is advised to switch off airdrop.