At the RSA 2015 conference, Adi Sharabani and Yair Amit (Skycure team) unveiled a zero-day vulnerability in iOS 8 that when used by a malicious wireless hotspot, it can crash repeatedly on all Apple devices, namely iPhones, iPads and iPods.
The researchers called the attack "No iOS Zone", and it can make all iOS devices vulnerable and unstable or even completely useless, causing constant restarts.
"Anyone from any router can create a Wi-Fi hotspot and force you to connect to their network. "It may then manipulate the motion to cause the operating system to crash," Sharabani told a RSA security conference in San Francisco today.
"There is nothing you can do about it, except maybe to avoid raiders. It's not a common denial-of-service where you can not just use your Wi-Fi - it is a denial-of-service that you will not be able to use your device even offline.
Denial-of-service attack is enabled by handling SSL certificates sent to iOS devices via Wi-Fi, and specially crafted data will trigger the application or possibly the operating system itself.
"Since the vulnerability has not been fully confirmed, and has not yet been determined, we have decided not to provide additional technical details to ensure that iOS users will not be exposed to Exploit," the researchers said.
View the videos of the presentation
https://www.youtube.com/watch?v=PmgI0LaFYLA
https://www.youtube.com/watch?v=i2tYdmOQisA
You can download the presentation of the attack in format PDF, from its official page RSA 2015 .