Click to Skip Ad
Closing in...
  1. Amazon Gift Card Promotion
    14:41 Deals

    Amazon’s giving away $15 credits, but this is your last chance to get one

  2. Control Garage Door With iPhone
    08:10 Deals

    Unreal deal gets you Amazon’s hottest smart home gadget for $23 – plus a $40 c…

  3. Self-Emptying Robot Vacuum
    16:11 Deals

    Amazon coupon slashes our favorite self-emptying robot vacuum to its lowest price ever

  4. Amazon Deals
    07:58 Deals

    10 deals you don’t want to miss on Saturday: $5 Alexa smart plugs, $110 electric sta…

  5. Amazon Echo Auto Price
    11:41 Deals

    Last chance to add hands-free Alexa to your car for $19.99 with this Amazon deal

Major iPhone security flaw uncovered by hacker

Zach Epstein
August 17th, 2012 at 9:45 AM

A major security flaw that has existed in Apple’s (AAPL) iPhone since the device was first released in 2007 has been revealed by a well-known hacker. The iOS security researcher, known publicly only as “pod2g,” on Friday published details about the vulnerability, which affects all versions of iOS through to the latest beta release of iOS 6.

According to pod2g’s report, the reply-to number that is displayed when an iPhone user views an SMS can easily be manipulated to display a number other than the one sending the message. Using a simple procedure, this exploit can be used by malicious attackers to send messages that appear to be from a trusted source — a bank, perhaps — but any replies to the SMS would be routed to a separate phone number without the sender’s knowledge.

Pod2g notes that the iPhone is not the only handset vulnerable to the flaw.

“In the text payload, a section called UDH (User Data Header) is optional but defines lot of advanced features not all mobiles are compatible with,” he explained. “One of these options enables the user to change the reply address of the text. If the destination mobile is compatible with it, and if the receiver tries to answer to the text, he will not respond to the original number, but to the specified one.”

The researcher says this security flaw is severe and he urges users to be wary of any SMS messages asking for sensitive information.

Zach Epstein

Zach Epstein has worked in and around ICT for more than 15 years, first in marketing and business development with two private telcos, then as a writer and editor covering business news, consumer electronics and telecommunications. Zach’s work has been quoted by countless top news publications in the US and around the world. He was also recently named one of the world's top-10 “power mobile influencers” by Forbes, as well as one of Inc. Magazine's top-30 Internet of Things experts.

Popular News