The iPhone has finally succumbed to the hacking efforts of Independent Security Evaluators – but not in the good way that would leave us with an unlocked iPhone. We wish we could kick off the new week with news that the iPhone’s GSM radio has finally been cracked to work on non-AT&T networks. Instead we’re going to tell you about the first ever malicious-code exploit on the iPhone.
Apparently, Independent Security Evaluators were able to take full control of their iPhone through malicious code embedded into a webpage. According to a Security Evaluators post, the iPhone user can be tricked into navigating to the malicious webpage in a few different ways:
- An attacker controlled wireless access point: Because the iPhone learns access points by name (SSID), if a user ever gets near an attacker-controlled access point with the same name (and encryption type) as an access point previously trusted by the user, the iPhone will automatically use the malicious access point. This allows the attacker to add the exploit to any web page browsed by the user by replacing the requested page with a page containing the exploit.
- A misconfigured forum website: If a web forum’s software is not configured to prevent users from including potentially dangerous data in their posts, an attacker could cause the exploit to run in any iPhone browser that viewed the thread. (This would require some slight changes in our proof of concept exploit, however.)
- A link delivered via e-mail or SMS: If an attacker can trick a user into opening a website that the attacker controls, the attacker can easily embed the exploit into the main page of the website.
The malicious code can be used to tap into the information stored on the iPhone – call logs, SMS text messages, address book, call history, and voicemail data can all be transmitted to the hacker. And, it’s foreseeable that the code can be changed to execute any of the iPhone’s functions – send mail passwords, send premium SMS text messages, even record audio (although audio recording is not a feature on the iPhone, as of yet).
So, how do you keep this particular vulnerability from biting you in the you-know-where? Don’t click on any links embedded into emails, only visit trusted websites, and never use an untrusted wireless access point, and you’re in the clear (at least as far as this exploit is concerned).
On the upside, this vulnerability has already been reported to Apple. And, since the iPhone can be easily updated through iTunes, as opposed to waiting for a firmware update, we expect an official patch from Apple before this exploit becomes a real problem. There are no reported instances of any iPhones being subverted using this particular hack, and the malicious code has not been released into the wild – so iPhones are still in good shape.
UPDATE: Video added.
Now, we’re just waiting for the even more impressive news that the iPhone has been hacked to work on any GSM network.