toggle

AAPL Stock: 116.32 ( + 0.01 )

Printed from http://www.macnn.com

Security flaw found in iOS, allows spoofing of SMS messages

updated 10:59 am EDT, Fri August 17, 2012

Could allow messages to silently re-direct to phishing sites

Security researcher Pod2g has discovered a flaw in the way iOS handles SMS messages that could conceivably allow for malicious texters to disguise messages as being from a known or trusted source, potentially getting users to reveal information they normally would not, or rack up inadvertent charges on their bill. Pod2g refers to the flaw as "severe" and plans on releasing a tool to allow iPhone 4 users to send messages in "raw" PDU format until the vulnerability is fixed.

While there are as yet no reports of the problem appearing "in the wild," and the flaw does not allow for code execution or other malware, Pod2g says he suspects that other iOS security researchers know about the flaw and perhaps some pirates as well. The flaw has existed right the way through all the various iterations of iOS and is still present in the latest beta of iOS 6, he adds, urging Apple to fix the issue before final release.

In brief, the flaw involves a set of header information options that ride along with the actual message body that contain additional information not all smartphones are compatible with. One of the options allows the sender to change the number that the message appears to be sent from and the number the receiver would reply to. "In a good implementation of this, the receiver would see [both] the original phone number and the reply-to one," the semi-anonymous researcher writes. "On iPhone, when you see the message, it seems to come from the reply-to number, and you lose track of the origin."

The flaw could aid pirates by allowing them to sent messages that appear, for example, to be coming from the user's bank asking them to call and verify information, or inviting them to click to visit a malicious webpage. Many other possibilities for phishing or criminal activity are also available through social manipulation.

Pod2g says that for now, users should simply be suspicious of any SMS that includes a reply-to number from an institution or relative stranger. The workaround is to use either a tool he is developing for the iPhone or to utilize a third-party SMS gateway that lets users send and receive messages with the extra header information stripped out (ie, raw PDU format) so that the true originating number of the SMS message is preserved.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

MaxUpgrades 512GB Retina MacBook Pro SSD

Apple's Retina line of MacBook Pro notebooks have been impressive, right from their debut in 2012. Thinner than the previous model, t ...

Lemur BlueDriver

"Oh no, the check engine light is on…again! What one of the hundreds of reasons could it be this time? Probably going to cost a for ...

toggle

Most Commented