An iOS exploit for an exploit in the Android operating system that allows remote access to any device on an Apple device, as long as the device is rooted, could lead to a ransom of up to $100,000, according to an analysis of an exploit published on Tuesday.
Dubbed the “Android Malware Exploit,” the exploit works by downloading an unsigned APK file, and then downloading and executing a command-and-control (C&C) server that runs on a targeted device, according to the researcher behind the exploit.
Once the exploit is running, the attacker can download and execute a remote shell to execute commands on the target device, such as downloading a file, opening a folder, or running a system service.
The remote shell also contains a command that executes the malware, and the exploit itself is a “command injection script,” according to the researcher.
The researcher did not specify how the exploit would be exploited, or what the ransom could be worth.
Apple did not immediately respond to a request for comment.
The attack is believed to be the work of an individual using the alias “Kev”, the researcher said.
“It’s definitely not a malicious app,” he added.
“It’s a botnet exploit that takes advantage of a few vulnerabilities in the vulnerable Android OS to make a quick buck.”
According to the analysis, the exploit requires a phone running Android 4.0 or higher to be rooted.
“The attacker could download a malicious APK that installs itself and runs on the phone, without the user’s knowledge, without permission, with an unknown amount of RAM and without any user interaction.
After the APK is downloaded, the malware runs a command and control server on the device, and sends the commands via the command line,” the researcher wrote.
This makes it possible for the attacker to get full access to the device.
The attacker also needs to install a third-party exploit.
“We’ve found that there are multiple exploits for this exploit,” the analyst wrote.
“In particular, we’ve found multiple malicious APNs, some of which are quite common.”
“We’re sure that there is an attacker with access to Android,” he continued.
“And, of course, we’re sure there are malicious third parties that can do these things.
We have no proof of this yet, but we do know that there’s a lot of work in the development.”
According to the researcher, the exploited exploit could be used for a variety of purposes, such as the remote control of an iOS device, remote denial-of-service attacks, and other remote exploits.
Apple did not reply to a call for comment, and a spokesperson for Google did not respond to requests for comment on the exploit or any possible exploits it may have.