On Thursday at the Black Hack conference in Las Vegas the security researchers, Charlie Miller and Collin Mulliner, demonstrated a SMS security vulnerability that exists in the iPhone, Android based mobile phones, and Windows Mobile phones.
The attack involves simply receiving a series of malformed SMS from a hacker, just receiving these SMS will cause the targeted mobile phone to either crash or worst taken over by the attacker. The latter is possible with the iPhone.
When the attacker takes over the iPhone they can make calls, visit web sites, turn on the camera and most of all forward the SMS to people in the iPhone’s Contact list.
The security researchers informed Apple, Google and Microsoft of the vulnerability about a month ago. At that time, they told these companies that the SMS security vulnerability will be the topic of their speech at the Back Hack conference in Las Vegas. After Google was informed they released a fix to Android. The researchers did not hear from Apple.
Continue reading “Apple Fixes SMS Security Vulnerability on iPhone”