Jailbroken or Not: iPhone's Vulnerable to SMS Hack
Techtree News Staff, Jul 31, 2009 1654 hrs IST
This could also be used to "infect" the iPhone with malicious code
Two security experts, Charlie Miller and Colin Mulliner, have demonstrated, at a Black Hat presentation, how hackers could possibly "hack" into an Apple iPhone and wreck havoc. The two analysts also showcased how competing Mobile OS's Android and Windows Mobile too isn't safe from such an attack.
Charlie Miller, who is an Independent Security Evaluators researcher clarifies that the hack takes advantage of the way in which the iPhone handles the SMS protocol. He adds that using this hack a possible hacker can even launch a Denial of Service (DOS) attack. Now, what this brings to our notice is the recent claim by Apple about its fears regarding jailbroken iPhones being susceptible to security breaches. While Apple's version of the story claims jailbroken iPhone can be used to bring down cellular towers, this hack mentions nothing of that sort. However, other things like the hacker being able to intercept text messages and vulnerability to malware remain. Now, we are not sure if the "hacks" are related, but both do sound similar.
As for what all can be done, the hacker could flood a user with spam text messages, shut the phone, deface text or even reconfigure keys. Another facet of this attack is that this could also be used to "infect" the iPhone with malicious code without any user intervention. This means, the user doesn't need to click on any malicious link to get his phone infected. In a worst case scenario, the infected iPhone would scourge the user's contacts list and send spam messages to everyone in the list, thereby infecting more phones in the process. According to F-Secure's chief research officer, Mikko Hypponen, trojans designed for the iPhone could be used to steal data and can also turn the phone to a remote spying device.