Apple “WifiDemon”


What is it?

Turns out the recently disclosed Apple WiFi vulnerability has more serious implications. The “WifiDemon” vulnerability allows an attacker to infect your phone without any interaction from you, known as “0-click” (“zero-click”). 

It was partially patched in iOS 14.6 removing the risk of an attack in its “0-click” form. However, joining a WiFi network set up by attackers still leaves you vulnerable. It does not help that attackers can mask the dangerous network by naming it something else, making it look legitimate.


Apple is working on a fix to this, hopefully to come in the next iOS 14.7 update. The best way you can protect your iPhone or iPad currently is to disable the WiFi Auto-Join Feature via Settings->WiFi->Auto-Join Hotspot->Never. Remember to only join networks you fully trust.

You can find more details about “WifiDemon” in this blog post from ZecOps research team.