iPhone SMS messages hacked… now VZW on iPhone?

Using a previously unknown exploit, Vincenzo Iozzo and Ralf Philipp Weinmann managed to grab the SMS database from an iPhone lured to a rigged website. The exploit crashed the browser session, but Weinmann said that with some additional effort, he could have a successful attack with the browser running.

According to Halvar Flake, a renowned security researcher who assisted with the winning exploit, said the exploit doesn’t get out of the iPhone sandbox. “Apple has pretty good counter-measures but they are clearly not enough. The way they implement code-signing is too lenient,” Flake added.

The hack stole the entire SMS database, including deleted messages, and the whole process took only 20 seconds. Weinmann and Iozzo won a $15,000 cash prize and got the keep the hijacked iPhone.

CanSecWest’s Pwn2Own contest also includes $10,000 for someone who can hack the BlackBerry OS. I’m not sure if anyone has claimed the price yet as the conference is still going on.

HT: BBcool

and

2010
03/31
POSTED BY
CATEGORY
Technology
TAGS


Write comment

  1. “Cool story bro”, haha. Vet väl inte riktigt om jag kan hålla med. (im from netherlands)

  1. No trackbacks yet.

Talk to me!

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

SPONSORS

Connect with me

Bryan Lopez

Create Your Badge

A Group Blog I Participate In

The Way Into The Far Country
Follow

Get every new post delivered to your Inbox.