This is so new that it freaked me out! Now I have to be careful where I browse using my iPhone. At the security company TippingPoint which owns and organizes the security competition Pwn2Own under a Zero day initiative, iphone was reportedly hacked in less than half a minute, thankfully it was at a competition and was not some crazy hacker.The minds behind this were of Vincenzo Iozzo and Ralf Philipp Weinmann both working in the Information Security fields. While Vicenzo works as a reverse engineer at Zynamics GmbH, Ralf is from the University of Luxembourg. As soon as the hack was tried, Pwn2Own twitter posted a message
“Vincenzo Iozzo and Ralf Philipp Weinmann successfully exploit the iPhone via Safari! Their payload pulled the SMS database.”
The iphone model used was a 3GS model and was running OS 3.1.3. The hack took place within 10 minutes of the show getting started. They were awarded a prize of $15,000 – a nice amount for a 20 second job! Among other hacks were Safari on Snow Leopard and IE 8 on Windows 7 were also hacked.
According to Weinmann and Iozzo the entire exploit took two weeks to write. iPhone had to visit a site hositng the malicious code that would in turn steal their SMS database. Every page the visitor accessed will help them grab more data from the SMS database and upload to their server. Any attacker using this exploit had the potential to do more damage without leaving the iPhone Sandbox, a tightly-controlled set of resources for running unverified codes. The exploit bypassess the digital signatures for verifying if the code in memory is from Apple or not. Part of the exploit was to use a non-root user called ‘mobile’ which has non-root user access to the phone. More information was withheld until Apple comes out with a patch.
Of all the hacks, phone hacks are the scariest, imagine all your personal information, text messages and those naughy pictures made available to a hacker! Even the iPhone was not spared and what was most shocking was it was done in less then 20 seconds. Hopefully Apple is taking notes of this issue.
[…] This post was mentioned on Twitter by itgrunts. itgrunts said: New blog post: iPhone SMS database hacked in 20 seconds http://itgrunts.com/2010/03/25/iphone-sms-database-hacked-in-20-seconds/ […]