Click to Skip Ad
Closing in...

Big security flaw that could cost you a fortune found in iPhone

iPhone Security Flaw

Remember that big security flaw in Android that could allow nefarious sites to trigger phone calls to premium-rate phone numbers, potentially costing you huge amounts of money before you even realize something is wrong? Well, it turns out that a similar flaw exists in iOS, and iPhone users are at risk as well.

Andrei Neculaesei, a developer at Copenhagen-based wireless streaming company Airtame, has discovered that many popular iOS applications include functionality that could be exploited to trigger premium-rate calls on any iPhone.

“When a user taps a telephone link in a webpage, iOS displays an alert asking if the user really wants to dial the phone number and initiates dialing if the user accepts,” Neculaesei wrote in a post on his blog. “When a user opens a URL with the tel scheme in a native app, iOS does not display an alert and initiates dialing without further prompting the user.”

He continued, “So if I click the link in Safari I get the prompt asking me to confirm my action, if I click the link in a native app’s webView it doesn’t ask and performs the action right away (makes the call).”

Neculaesei noted that hugely popular apps including Facebook, Twitter, Google, LinkedIn, Facebook Messenger and Google+, Gmail and FaceTime are all vulnerable to this flaw.

Zach Epstein

Zach Epstein has worked in and around ICT for more than 15 years, first in marketing and business development with two private telcos, then as a writer and editor covering business news, consumer electronics and telecommunications. Zach’s work has been quoted by countless top news publications in the US and around the world. He was also recently named one of the world's top-10 “power mobile influencers” by Forbes, as well as one of Inc. Magazine's top-30 Internet of Things experts.

Popular News