Thursday, September 29, 2022
HomeDigit NewsIPhone and Tesla servers hacked ... by renaming devices

IPhone and Tesla servers hacked … by renaming devices



The vulnerability made it possible to rename any device, this affected iPhones and Tesla electric vehicles, in such a way that the servers of these companies went to the addresses of the cybercriminals on the Internet. To do this, you need to rename the device by adding a domain to the name, into which a malicious script can be embedded.

And when the server writes a line with the address of the web page needed by the hackers in the logs, it goes to the address and downloads all the necessary data and instructions from it. These include arbitrary code that allows it to be executed with the rights that the Log4j log library itself has.

Vulnerability tests found that it was enough to rename the iPhone or Tesla electric car in the settings, the Apple and Tesla servers write a new name with the inserted URL to the log file and follow it.

The developer of the library, after contacting him by Alibaba specialists, released an update with the elimination of the vulnerability. It happened on December 6, and the attackers started using this bug on December 1. No consequences of this have yet been reported.

- Advertisement -
MOBILE

Auto

Two Wheeler

BUSINESS AND FINANCE

Digit News