It’s not even a week that the iOS 11 has been launched and it looks like someone already found a way to crash your iPhone, bypass the passcode, and get access to the photos.
Each generation of the iPhone and its side-release of the iOS version have its own problems. But Apple usually patches them up quickly. Sometimes there is a link which crashes iMessage and the entire device, or maybe a video which sends the processors into a death spiral.
These kinds of problems are not present only on iOS, to be sure. Android is also very likely to get malware, for example, which is the reason why developers work on their respective OSes all the time, to fix any of the issues.
Crashing the iOS could be possible if you receive a photo and get tricked in that way. But that is harmless and easily reversible. However, on the other hand, the current hack is not as easy to get or to execute.
One can crash the iOS 11 with the use of profiles which can be loaded locally or from a link in the browser. If you choose to download from the browser straight, you will have to run the profile and load it.
These kinds of profiles are used to grant users access to the Beta version of the OS, for example, or that allow users to install apps that are not available in the official store. If you access a third-party profile, you will notice that it’s written in a red font that says it’s not signed.
After you install it, despite all the warnings, you will be forced to see how page after page with fake apps are created. By the way, those fake apps can’t be uninstalled. The end result is the iOS crashing.
The name of the exploit is iXintpwn/YJSNPI. This is basically a malicious profile which can be modified to be even worse. This is what the EverythingApplePro did. The malware in question cannot be uninstalled. In some cases, it even allow someone to bypass the lock screen and get into the pictures.
The idea is that if you receive a link profile via a link or if you see something on a website, do not download it. Unless it is signed, it could very well be a malicious profile which will end with two things — brick or reinstall the whole OS with the help of iTunes.
