First iPhone Remote Exploit Revealed by White Hats

Viewing 3 reply threads
  • Author
    Posts
    • #1519
      Don Donzal
      Keymaster

      Dan Kaplan, Jul 23 2007, SC Magazine

      In the first true hack of this summer’s hottest item, white hat researchers today revealed the Apple iPhone is susceptible to a remote exploit that can give attackers complete control over the device.

      A team of consultants at Baltimore-based Independent Security Evaluators today released general details about a buffer overflow vulnerability that could permit malware writers to inject malicious code to steal personal information from a user’s phone, one of the researchers, Jake Honoroff, told SCMagazine.com today. The attack also could be tweaked to drop other malware, for example, a keylogger.

      Attackers would attempt to get victims to visit a specially crafted malicious website either through an email link or by controlling a wireless access point, Honoroff, who worked with researchers for 10 days to discover the flaw, said.

      As part of the attack, the thieves, who attain administrative privileges, pilfer personal information, which is then sent to a server the attacker operates. The stolen iPhone data can include stored contacts, text messages or passwords, Honoroff said.

      “You could make it (the malicious webpage) look totally real, but after a few seconds, their browser would close and all of their information could be stolen,” he said.

      The Independent Security Evaluators notified Apple about the flaw, and the consulting company is hopeful it will be patched soon. The research team, which included Charlie Miller and Joshua Mason, did not release specific instructions of how to take advantage of the flaw in their disclosure write-up today, and there are no reports of public exploits.

      Apple officials would not disclose whether a patch is coming but said the company is investigating the claims.

      “We always welcome feedback on how to improve our security,” company spokeswoman Lynn Fox told SCMagazine.com today.

      The bug is caused by a buffer overflow, a common programming error in which an application attempts to store data beyond its memory capabilities.

      To avoid falling victim, users should only visit websites they know and rely on wireless connection points they trust.

      If a patch is released, users would download it through the phone’s iTunes feature.

      Honoroff said the proof-of-concept code shows the iPhone is vulnerable, like any other web-enabled machine. Other researchers have attempted to “unlock” the device over a USB connection, but this marks the first successful break-in over a remote connection, he said.

      “The iPhone is a powerful computer and powerful computers are vulnerable to security issues,” he said.

      Gartner, in a July 10 report, warned enterprises to expect three or four “critical” patches to be released this year for first-generation versions of the iPhone.

      “Apple’s iPhone was designed and developed first and foremost to appeal to the consumer market,” the report said. “Apple didn’t include a portfolio of security features and supporting products that are expected by enterprise buyers.”

      According to the Independent Security Evaluators, although the iPhone restricts third-party applications, it offers the risk of easy exploit because it runs critical processes with administrative privileges and does not use address randomization or non-executable heaps.

      Original story:
      http://www.scmagazine.com/us/news/article/672808/first-iphone-remote-exploit-revealed

      Don

    • #13475
      Anonymous
      Participant

      w00w00

      beat you to it craig and brian!  ;D

    • #13476
      boney
      Participant
    • #13477
      blackazarro
      Participant

      Just two days before revealing the iPhone exploit at Black Hat, Apple released the first patch for the mobile device.

      The patch for the iPhone comes two days before a presentation at the Black Hat Security Briefings by Charles Miller, a researcher with Independent Security Evaluators, which promises to reveal details of a serious flaw in the mobile phone’s stripped-down browser. The patch fixes that flaw and four others.

      Complete story:

      http://www.securityfocus.com/brief/560


Copyright ©2020 Caendra, Inc.
