Viruses/Worms News

Black Hat: Hacker exposes iPhone SMS flaw

Friday, July 31, 2009

A professional hacker and security researcher exposed a flaw in Apple's iPhone 3GS which could allow a hacker to hijack the phone as part of a botnet or crash the phone, at the Black Hat 2009 security conference in Las Vegas.

Charlie Miller, an authority on Mac OS X security and the co-author of the Mac Hacker's Handbook, said a SMS flaw could allow an attacker to use text messages to remotely execute malicious code to hijack the device or cause it to crash.

Miller, who had discussed the iPhone security bug at a security conference in Singapore earlier this month, said previously he was able to use a vulnerability in the way the iPhone receives text messages to remotely crash the phone.

He said hackers could theoretically exploit the vulnerability to monitor the location of the phone using GPS, turn on the phone's microphone to eavesdrop on conversations or hijack the phone as part of a botnet to send SMS spam or launch distributed denial-of-service attacks (DDoS).

Miller also warned that "jailbreaking" an iPhone to add software or capabilities not offered by Apple leaves the device vulnerable to hacking and viruses.

"If you care about security, don't use a jailbroken iPhone," Miller said.
ADNFCR-1765-ID-19291545-ADNFCR

Related News:

Researchers: Malware attackers reloading for Windows 7 assaults - 11.20.2009
A report issued yesterday by computer security firm Symantec says that hackers are undoubtedly reworking their malicious software to target Windows 7 as more users switch to the latest version of Microsoft's flagship OS.

Want to secure your iPhone against intruders? There's an app for that - 11.20.2009
Cisco Systems today released a free iPhone app that will allow users to receive security updates and the latest news on web threats, as well as aggregating additional security related content for iPhone users.

Microsoft says 64-bit versions of Windows are harder to infect - 11.19.2009
Members of Microsoft's security team write that 64-bit editions of Windows are much less susceptible to malware attacks, but outside experts caution that 64-bit malware could be the next big thing in cyber crime.

Google coming down hard on malicious advertisers - 11.18.2009
Search giant Google has said that it will lay down the law where scam artists and malvertisers are concerned: Permanent bans will be the result of any fraudulent activity on the company's AdWords service.

If at first you don't succeed: Most malware protection fails first round of certification testing - 11.17.2009
A study performed by security testing and research firm ICSA Labs says that almost four out of five computer security products fail their first certification tests and need to be retooled for a second and sometimes a third attempt.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now