Security researchers have stumbled across an iPhone SMS bug that could be used by nefarious pranksters to “quickly take over every iPhone in the world.” If that sounds somewhat doomsday-ish, that’s because it kind of is. The iPhone SMS text message bug was discovered by Charlie Miller and his similarly-named research colleague Collin Mulliner. The iPhone bug, says Miller, exploits flaw in the way the iPhone OS processes SMS text messages. Using the exploit, hackers could send a succession of SMS text messages to an iPhone, allowing them to gain complete control of the handset. Hackers can then commandeer the iPhone to send similar text message strings to other iPhones, spreading like wildfire.
“SMS is an incredible attack vector for mobile phones,” says Miller. “All I need is your phone number. I don’t need you to click a link or anything.”
Miller and Milliner plan to reveal the SMS text message security vulnerability on Thursday at the Black Hat cybersecurity conference in Las Vegas. The duo say they’ve alerted Apple to the security hole, but the iPhone-maker has yet to release a patch to the iPhone SMS bug. Once announced to the world, the iPhone bug could potentially allow iPhones around the world to be hijacked in a very short time.
Apple, the ball’s in your court.