In association with heise online

30 July 2009, 13:36

Multi-part SMS stops iPhone

Black Hat Conference 2009
In two presentations at the Black Hat conference, hackers demonstrated SMS attacks that target the iPhone and other smartphones. The iPhone attack was previously announced in early July. Presenter Charlie Miller, who discovered the hole, said at the time that further investigations would be made.

It appears that these investigations have now been completed: Miller demonstrated how to cripple the Apple iPhone using specially crafted SMS messages. At the conference, he used multi-part SMS messages, but didn't send all their parts. This allows the iPhone's internal heap to be manipulated in such a way that a further SMS can set the program counter. The program counter determines which step of a program is to be executed next.

In theory, this allows arbitrary programs to be executed on the phone. Both the original iPhones and phones that have been jailbroken are vulnerable to the attack.
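The article does not give the details of the flaw. As an added example (not code from the article, Apple or the presenters), the following C shows the checks a receiver needs when reassembling multi-part SMS so that missing, duplicate or out-of-range parts cannot corrupt its state. The limits, the names and the single-slot design are assumptions; a real receiver keeps one slot per sender and reference number.

```c
#include <stdint.h>
#include <string.h>

#define MAX_PARTS 8    /* assumed policy limit, not from the article */
#define PART_LEN  134  /* 140-octet user data minus a 6-octet concatenation header */
#define SLOT_TTL  60   /* seconds an incomplete message may wait (assumed) */

enum { SMS_REJECT = -1, SMS_PENDING = 0, SMS_COMPLETE = 1 };

struct slot {          /* one in-progress multi-part message */
    int      used;
    uint8_t  ref, total, have;
    uint16_t len[MAX_PARTS];
    uint8_t  data[MAX_PARTS][PART_LEN];
    long     first_seen;
};

/* Drop an incomplete message once it has waited longer than SLOT_TTL,
 * so parts that never arrive cannot pin state indefinitely. */
static void sms_expire(struct slot *s, long now) {
    if (s->used && now - s->first_seen > SLOT_TTL)
        memset(s, 0, sizeof *s);
}

/* Feed one part. ref/total/seq are the untrusted header fields of the part.
 * On SMS_COMPLETE the caller consumes the message and zeroes the slot. */
static int sms_add_part(struct slot *s, long now, uint8_t ref, uint8_t total,
                        uint8_t seq, const uint8_t *body, size_t n) {
    sms_expire(s, now);
    if (total == 0 || total > MAX_PARTS) return SMS_REJECT;
    if (seq == 0 || seq > total)         return SMS_REJECT; /* index in range */
    if (n == 0 || n > PART_LEN)          return SMS_REJECT; /* fits the buffer */
    if (!s->used) {
        memset(s, 0, sizeof *s);
        s->used = 1; s->ref = ref; s->total = total; s->first_seen = now;
    } else if (s->ref != ref || s->total != total) {
        return SMS_REJECT;            /* header disagrees with earlier parts */
    }
    if (s->len[seq - 1] != 0) return SMS_REJECT;            /* duplicate part */
    memcpy(s->data[seq - 1], body, n);
    s->len[seq - 1] = (uint16_t)n;
    s->have++;
    return s->have == s->total ? SMS_COMPLETE : SMS_PENDING;
}
```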

Miller anticipates that new SMS worm exploits will attempt to read out the phone book and be able to autonomously attack other iPhones via the telephone network. In his joint presentation with Collin Mulliner later today, the specialist intends to demonstrate how to detect such vulnerabilities.

The Black Hat presentation of Zane Lackey and Luis Miras deals with SMS attacks on mobile phones in general. The two speakers plan to present tools that allow users to test the security of their devices.

