Elisha and Roy members of research team started to analyze the crashes further, and identified the source of the problem. They found that by generating a specially crafted SSL certificate, attackers can regenerate a bug and cause apps that perform SSL communication to crash at will. Then they created a script that exploits the bug over a network interface.
Parsing SSL certificate vulnerability affects the underlying iOS operating system, and with heavy use of devices exposed to the vulnerability, the operating system crashes. Under certain conditions, the devices can be put into a repeatable reboot cycle, rendering them useless.
For most of the people iOS app crash is simply a quality issue. They just install a different firmware and move on.
But the victim’s device in an unusable state for as long as the attack impacts a device. Even if victims understand that the attack comes from a Wi-Fi network, they can’t disable the Wi-Fi interface in the repeated restart state as shown in the video.
The issues have been reported to the Apple. To avoid this vulnerability exploit the users may take following steps.
1)Users should disconnect from the bad Wi-Fi network or change their location in case they experience continuous crashing or rebooting.
2)The latest iOS 8.3 update might have fixed a few of the mentioned threats–users are highly advised to upgrade to the latest version.
3)In general, users should avoid connecting to any suspicious “FREE” Wi-Fi network.