New SMS spoofing bug uncovered in all versions of iOS

Go down

New SMS spoofing bug uncovered in all versions of iOS

Post by Alpy on Sun 19 Aug 2012, 8:03 am

The iOS platform is considered to be hardened to most kind of attacks, but a noted iOS modder has discovered an SMS hack that is present in all current versions of iOS, as well as the most recent beta of iSO 6. The vulnerability allows a malicious individual to spoof an SMS message so that when viewed on your iPhone, it appears to come from a different sender.

The hack takes advantage of features present in the SMS standard; it just happens that Appleís way of displaying routing information for text messages is easily fooled. When an SMS is encoded, there is a section called UDH (User Data Header). The UDH has a number of advanced options, and one of them can be used to set the originating number. You can probably see where this is going.

If such a spoofed text message were to land on your iPhone, the device would display the reply number it gets from the UDH instead of the number it was actually sent from. This might not seem like an instantly troublesome bug, but it has some serious security implications.

If a user were to get an SMS that appears to come from their bank, they might be tricked into clicking on a link it contained. Thatís a great way to steal passwords without the user even knowing anything is fishy. Text messages can also be used as evidence in court, and this hack makes them unreliable.

This is not terribly easy to set up ó you need to deploy a SMS gateway. Additionally, Apple could render the attack toothless with a simple change in the new version of iOS. For the time being, though, donít trust those SMS messages too completely.




http://www.geek.com/articles/mobile/new-sms-spoofing-bug-uncovered-in-all-versions-of-ios-20120818/
avatar
Alpy

Male
Number of posts : 3484
Location : Alpbach
Humor : 'Humor is reason gone mad' G.Marx
Registration date : 2009-05-01

Back to top Go down

Re: New SMS spoofing bug uncovered in all versions of iOS

Post by Thistle on Sun 19 Aug 2012, 10:18 am

i never ever reply to sms messages from my bank or any other strange looking messages....i nknow one lady who keeps getting an sms from natwest about an account she doesnt even have with them ..lol
avatar
Thistle

Female
Number of posts : 10987
Location : guernsey
Job/hobbies : housewife,mother,gardener,
Humor : sometimes
Registration date : 2008-03-07

Back to top Go down

Re: New SMS spoofing bug uncovered in all versions of iOS

Post by kingcolemk on Sun 19 Aug 2012, 12:10 pm

All us computor illiterates really appreciate your regular tips and guidance, but I'm afraid we need a little more. That is help with abbreviations. For example what is SMS and iSO 6. You have already explained UDH which I would not have known, thank you.

kingcolemk

Male
Number of posts : 1040
Location : England
Registration date : 2008-12-18

Back to top Go down

Re: New SMS spoofing bug uncovered in all versions of iOS

Post by Alpy on Sun 19 Aug 2012, 5:13 pm

SMS ...Short message service sent from one mobile to another mobile.

iOS6 .... is a mobile operating system developed and distributed by Apple.
6 will be the latest software available to the iPhone and iPad.
avatar
Alpy

Male
Number of posts : 3484
Location : Alpbach
Humor : 'Humor is reason gone mad' G.Marx
Registration date : 2009-05-01

Back to top Go down

Re: New SMS spoofing bug uncovered in all versions of iOS

Post by kingcolemk on Sun 19 Aug 2012, 5:20 pm

Thanks.

kingcolemk

Male
Number of posts : 1040
Location : England
Registration date : 2008-12-18

Back to top Go down

Re: New SMS spoofing bug uncovered in all versions of iOS

Post by Sponsored content


Sponsored content


Back to top Go down

Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum