toggle

AAPL Stock: 102.7 ( + 0.45 )

Printed from http://www.macnn.com

Security flaw found in iOS, allows spoofing of SMS messages

updated 10:59 am EDT, Fri August 17, 2012

Could allow messages to silently re-direct to phishing sites

Security researcher Pod2g has discovered a flaw in the way iOS handles SMS messages that could conceivably allow for malicious texters to disguise messages as being from a known or trusted source, potentially getting users to reveal information they normally would not, or rack up inadvertent charges on their bill. Pod2g refers to the flaw as "severe" and plans on releasing a tool to allow iPhone 4 users to send messages in "raw" PDU format until the vulnerability is fixed.

While there are as yet no reports of the problem appearing "in the wild," and the flaw does not allow for code execution or other malware, Pod2g says he suspects that other iOS security researchers know about the flaw and perhaps some pirates as well. The flaw has existed right the way through all the various iterations of iOS and is still present in the latest beta of iOS 6, he adds, urging Apple to fix the issue before final release.

In brief, the flaw involves a set of header information options that ride along with the actual message body that contain additional information not all smartphones are compatible with. One of the options allows the sender to change the number that the message appears to be sent from and the number the receiver would reply to. "In a good implementation of this, the receiver would see [both] the original phone number and the reply-to one," the semi-anonymous researcher writes. "On iPhone, when you see the message, it seems to come from the reply-to number, and you lose track of the origin."

The flaw could aid pirates by allowing them to sent messages that appear, for example, to be coming from the user's bank asking them to call and verify information, or inviting them to click to visit a malicious webpage. Many other possibilities for phishing or criminal activity are also available through social manipulation.

Pod2g says that for now, users should simply be suspicious of any SMS that includes a reply-to number from an institution or relative stranger. The workaround is to use either a tool he is developing for the iPhone or to utilize a third-party SMS gateway that lets users send and receive messages with the extra header information stripped out (ie, raw PDU format) so that the true originating number of the SMS message is preserved.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Life n Soul BM211 Bluetooth speaker

Bluetooth speakers aren't only for listening to some music at the park or on a long bus ride, but can also be built with tablets in m ...

Epson PowerLite Home Cinema 2030 projector

With high-definition televisions now the standard, 4K televisions becoming the next big thing, and plasma TVs going the way of the din ...

Life n Soul 8 Driver Bluetooth headphones

When it comes to music on the go, consumers generally have some options to consider when looking for the best experience. While Blueto ...

toggle

Most Commented