toggle

AAPL Stock: 93.94 ( -0.49 )

Printed from http://www.macnn.com

Security flaw found in iOS, allows spoofing of SMS messages

updated 10:59 am EDT, Fri August 17, 2012

Could allow messages to silently re-direct to phishing sites

Security researcher Pod2g has discovered a flaw in the way iOS handles SMS messages that could conceivably allow for malicious texters to disguise messages as being from a known or trusted source, potentially getting users to reveal information they normally would not, or rack up inadvertent charges on their bill. Pod2g refers to the flaw as "severe" and plans on releasing a tool to allow iPhone 4 users to send messages in "raw" PDU format until the vulnerability is fixed.

While there are as yet no reports of the problem appearing "in the wild," and the flaw does not allow for code execution or other malware, Pod2g says he suspects that other iOS security researchers know about the flaw and perhaps some pirates as well. The flaw has existed right the way through all the various iterations of iOS and is still present in the latest beta of iOS 6, he adds, urging Apple to fix the issue before final release.

In brief, the flaw involves a set of header information options that ride along with the actual message body that contain additional information not all smartphones are compatible with. One of the options allows the sender to change the number that the message appears to be sent from and the number the receiver would reply to. "In a good implementation of this, the receiver would see [both] the original phone number and the reply-to one," the semi-anonymous researcher writes. "On iPhone, when you see the message, it seems to come from the reply-to number, and you lose track of the origin."

The flaw could aid pirates by allowing them to sent messages that appear, for example, to be coming from the user's bank asking them to call and verify information, or inviting them to click to visit a malicious webpage. Many other possibilities for phishing or criminal activity are also available through social manipulation.

Pod2g says that for now, users should simply be suspicious of any SMS that includes a reply-to number from an institution or relative stranger. The workaround is to use either a tool he is developing for the iPhone or to utilize a third-party SMS gateway that lets users send and receive messages with the extra header information stripped out (ie, raw PDU format) so that the true originating number of the SMS message is preserved.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Razer Kraken Pro headset

Gaming headphones are a challenge to get right, for a long list of reasons that are unique to the consumer buying them. Some shoppers ...

Patriot Aero Wireless Mobile Drive

Regardless of how large a tablet you buy, you always want more space. There's always one more movie or another album you'd cram on, ...

Patriot Fuel+ 6000 and 9000mAh batteries

Mobile device batteries are better than they used to be, but there's always a scenario where users could use more juice. Upgrade manu ...

toggle

Most Commented