Apple Watch Ultra 2 Hacked

I'm sure hackers have simply found yet another vulnerability in safari/webkit or imessenger that lets them take over your ios device without you even knowing it as they do most iphones or ipads. At this point this is common affair for any ios devices to be exploited as soon as another vulnerability is found regularly, so why not a watch with those too.

Basic web searches show how common exploits have gotten against apple devices in general with their built-in services, and lucky for you, apple won't let you use another browser engine or messaging platform that would let you disable or mitigate the security weaknesses in their own core products.

https://duckduckgo.com/?t=ffab&q=ios+vulnerabilities+webkit+imessage&ia=web

This just happened to me. No prior call to my watch going nuts. My weather app kept scrolling through even thought I had just been looking in the list of recent notifications. Took my watch off so it locked then it locked by guessing the passcode wrong. Unpaired and reset my watch to factory was the only way to stop it from locking it again. During this the power button was inaccessible.

It has happened again. Today April 1 at 9:40am EST (DST) my wife's Ultra II watch was hacked again. Multiple log in attempts were obviously being made. We immediately shut down the watch using the procedure I referenced in my previous posting - performing a hard reset holding the crown and side button for about 7 seconds. This is her second hack attempt that we are aware of. I don't care what some others have posted suggesting it was not a hack. This is clearly a hack attempt to get into the system. These are clearly deliberate and unauthorized attempts to get into the watch OS by a third party. Her watch is a cellular version and have both access to cellular service and wifi. Our wifi is behind a firewall so we believe this is an attack via cellular network. I am no expert so I cannot be sure. We need Apple to get serious about helping us prevent this phishing mode of attack from happening. Good luck to everyone.

This happened to me today as well on a Series 9. Text messages were actually sent to my husband that I never typed or physically sent myself. One reading, "I'm bored" and the other "Nothing." - the second message was a reply to one of his earlier messages to me today. I took a video and every time I clicked the crown button, it was as if someone was scrolling through my watch and selecting different applications to open. One was Find My and the others were in the fitness application and weather application (all of which would reflect locations of myself and my devices). I am very worried - especially given the data breach/hack that AT&T suffered over the weekend. I am not sure that they coincide - but nonetheless, am scared.

Experience the same with my watch ultra 2 today.

Did reset the watch from my iphone, it helped.

I didn't have wifi turned on, but my watch has e-sim with mobile data

And it was fixed in 10.4 on March 7.

Apple release bug fixes but if people don't update then the bug is still there.

I couldn’t tap any buttons on the Watch, it felt like someone else was in control trying to do something else. I freaked out and reset the whole thing using paired iPhone. This is Apple Watch 1.

My wife's Ultra 2 smart watch was also hacked yesterday February 2 at around 4:30pm est. Her watch has mobile service. I can't be certain but I don't believe it was accessed by wifi, or at least wifi alone. Coincidently she did receive a call just before the incident and may have been related to the gaining access to the watch. We considered the caller a spammer and was calling to provide financial aid for debt. We hung up immediately. It was crazy and very upsetting. Soon after, the watch started acting on its own and was pinging her iPhone. Once she took the watch off it started trying to log in to the watch using different codes. Fortunately it failed and was locked out. Then we struggled to figure out what to do next - mainly trying to power it down. The power button in the upper right corner did not work. Finally going for the reset worked - pressing the crown and holding in the side button until the reset option was shown. We are carefully resetting everything using other devices that do not appear to have been compromised. Any information about this event and any steps or precautions to take would be appreciated.

same happened to me today in Germany. The watch acted strange. I took it off and it locked. Then somehow numbers were filled in and it went to block for 1 minute, then 5 and when it arrived at 15 minutes block i started to reset the watch, which was successful. Not sure… can i just restart and connect it again with my phone? Or should i wait for a watch os update to close the security problem?

Just had the same existence with ultra 2 at a Culver’s restaurant. I tried to walk around and find the person since it is likely a Bluetooth vulnerability. They were unable to guess passcode and locked my watch for 60 minutes which covered the rest of my eating time. Got home and trying to see if I can reset it. Was unable to shut it down during the passcode attempts.

Mine just did the same thing was hacked and going crazy would t let me power off, reset from my phone and now it’s shut down. Welp I tried Apple again about a month ago, bought a iPhone 15promax ultra2 watch, and a MacBook Air pro. All within the last month switching back to android and selling the Apple garbage maybe I’ll just break it so no one else has to deal with this crap

The same thing happened to me: https://www.youtube.com/watch?v=G6dazJk9AtU

Date of Incident: February 6, 2024, at 18:36 CST

Device: Apple Watch Series 9

Issue Description:

I am writing to report a significant security concern that recently occurred with my Apple Watch Series 9. I experienced a disturbing incident where my device appeared to be remotely controlled by an unauthorized external party. This unauthorized access and control persisted until the device was manually powered down. The incident has raised serious concerns regarding the security and privacy of my personal data stored on or accessible through the device.

Evidence and Documentation:https://www.youtube.com/watch?v=G6dazJk9AtU

I possess a recording of the incident, which unequivocally demonstrates the manipulation of my device by an external entity. This documentation should provide valuable insights into the nature of the breach, potentially aiding in identifying the method of unauthorized access.

Earlier on the week I reported an Ultra 2 watch suffering this same thing, now as you mention had same issue with my daughter, she had experienced the same issue with a Series 9. Based on the shared stories that some of the hacks were with or with out WIFI I thought it was related to cellular service. My daughters Series 9 has no cellular service.

My biggest concern is that I have no I idea what I do to make the watch vulnerable and I just re boot it but haven't made a significant action to prevent it. I would assume that an expedited new version of the IOS can solve this (if they are working on it), but haven't heard anything official on this matter. Has some one heard something? have heard how to stop the hack at the moment, but haven't heard how to prevent it from happening again! anyone? scary...

Today 10th February 2024 at around 6.20am, someone tries to snoop into my Applewatch Ultra 2. As they were trying to get over the password, my watch was locked for 1 min and then again they tried to enter the password the moment 1 min was over. This time watch was blocked for 5 mins. I was awake surfing my iphone and the watch was beside me on the table. I heard the haptics and typing click sound again and again, then i saw all these happenings right infront of me. I immediately reset my watch from my iphone.

I setup it again as a new pair of watch skip the backup of data. Changed the password to more secure and random.

@applecare - WHAT IS HAPPENING ? Give response to us

At the behest of people asking us to report this I’ve done so, to which I was told that no one is tracking this. “I have reviewed and checked the daily reports from our management team and I right now we don't have and active report like this one.” So I sent the Apple representative this discussion and asked them why no one is tracking all of these reports in this discussion. They gave me a supervisors number.