Jailbreakers who’ve been at it for more than just a couple of seasons should recognize the Twitter handle @08Tc3wBB, as it belongs to a ZecOps security researcher touting a marvelous track record of infiltrating iOS and iPadOS.
Just this weekend, @08Tc3wBB took to Twitter to share what could only be described as a thought-provoking Tweet.
The Tweet indicates that the hacker has discovered a 0-day vulnerability that works on iOS & iPadOS 15 and successfully achieves arbitrary code execution — that’s security research lingo for code that isn’t supposed to run on a secure iPhone or iPad.
It’s also worth mentioning that because this is a 0-day vulnerability, Apple has had exactly 0 days to try and fix it. This means that Apple currently doesn’t know about the exploit and that it supports all versions of iOS & iPadOS 15 since Apple hasn’t patched it yet.
It remains to be seen whether @08Tc3wBB’s 0-day vulnerability would be useful for jailbreaking, and at this time, the hacker initially didn’t seem to have any plans to release it to the general public, but that now seems likely to change if the vulnerability proves viable and will likely follow a responsible disclosure process to prevent hackers from using it for malice.
We can only assume that a writeup and a release could come sometime after Apple finally discovers and patches the vulnerability, however it’s unknown if @08Tc3wBB plans to share the exploit with Apple or hang onto it for personal tinkering as many security researchers often do.
For what it’s worth, @08Tc3wBB has published kernel exploits in the past, but they certainly weren’t of the 0-day caliber.
It will indeed be interesting to see how things play out, as Apple has implemented a myriad of new security measures in iOS & iPadOS 15 to make it more difficult to crack. Still, talented hackers like @08Tc3wBBwill always seem to find a way in.