How to hack an iPhone using SMS

happygeek

There are two things you can be sure of about the annual Las Vegas Black Hat security conference: nobody will use the free Wi-Fi, as they are all too worried about being hacked, and someone will demonstrate an exploit that will scare the living bejesus out of you. The latter has just happened for iPhone users.

One well-known discoverer of such things, Charlie Miller from Independent Security Evaluators, has revealed how a vulnerability can give savvy attackers the ability to gain complete control over your iPhone without any action on the part of the victim. Yep, this is the mother of all mobile remote hijack exploits by the look of it. Using nothing more complicated than a specially constructed text message, Miller says, malicious code can be executed to crash the device at the lesser-evil end of the scale, or to take complete control for the more malicious attacker. It is even possible to use the attack to send text messages on to everyone in the victim's contacts list, so spreading the hijack quickly to many more handsets.

Miller has been able to demonstrate the vulnerability courtesy of weaknesses in the iPhone CommCenter service, which has responsibility for SMS and wireless functionality. Amazingly, this runs as root and is not limited by any kind of application sandbox, so Miller realised it was ripe for use as a remote control hacking vector. All that is required is a slight modification of the data that arrives on the iPhone with the SMS text message itself. So far Miller and his team have managed to write software that can exploit the weakness on four different mobile networks in Germany and AT&T in the USA.

Apple has yet to publicly respond to news of the vulnerability, although it has known about it for weeks now. Given its track record on fixing security problems I am not hopeful of a speedy resolution.

In the meantime iPhone users are being urged to keep an eye open for any text message which arrives containing a single square character. Miller reckons this is a giveaway to the exploit and users should immediately turn off their handset if they notice such a message to prevent falling victim to it.

About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to Forbes.com, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...