Researcher discovers hidden iOS 14 ‘BlastDoor’ security mechanism

This protective layer sandboxes incoming iMessages to protect users from malicious texts

The latest iteration of Apple’s flagship iPhone operating system, iOS 14, was shipped with a previously undisclosed security mechanism that comprises major changes to the way incoming iMessage texts are processed.

With iOS 14, Apple has introduced BlastDoor, which serves as a sandboxing service for all incoming iMessage data, according to Google’s Project Zero researcher Samuel Groß. This hadn't been previously disclosed by Apple, and the tool was only discovered after reverse-engineering the operating system.

BlastDoor aims to safeguard iPhone users against a common form of attack which involves malicious payloads being sent through iMessage texts. Hackers have, in the past, exploited iMessage vulnerabilities to launch remote code execution attacks and take control of iPhones by simply sending a text to a victim’s device.

This sandboxing layer has been designed specifically to combat this threat by executing any incoming code in an isolated environment, away from the rest of the operating system. This means malicious payloads can be identified and removed before the user interacts with the message.

Although several sandboxing mechanisms already exist in iOS, BlastDoor is one that operates specifically with the iMessage app. It’s also written in Swift, which is considered a memory-safe language, making it harder to introduce classic memory corruption vulnerabilities into the codebase.

The Great iPwn, disclosed by Citizen Lab in December 2020, is a recent example of a series of attacks that exploited such weaknesses in iMessage. The report revealed that government operatives using the NSO Group’s infamous Pegasus spyware were found to have hacked 36 personal phones belonging to Al Jazeera journalists.

The operatives deployed an invisible zero-click exploit in iMessage to conduct their attacks, but the report also claimed the attacks wouldn’t work against devices with iOS 14 due to unspecified “new security protections”.

This prompted Project Zero’s Groß to reverse-engineer iOS 14 in order to establish the precise nature of any new security mechanisms. Beyond BlastDoor, it was also found that Apple had added a set of structural changes, including exponential throttling between restarts, to make it even harder for hackers to breach devices.

“Overall, these changes are probably very close to the best that could’ve been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole,” Groß said.

“It’s great to see Apple putting aside the resources for these kinds of large refactorings to improve end-users’ security. Furthermore, these changes also highlight the value of offensive security work: not just single bugs were fixed, but instead structural improvements were made based on insights gained from exploit development work.”
