We’re getting reports that iPhone was the first to fall at this year’s Pwn2Own contest organized by TippingPoint ZDI.
A pair of European researchers, Vincenzo Iozzo and Ralf Philipp Weinmann have successfully hacked the iPhone via a Mobile Safari exploit and hijack the entire SMS database, including text messages that had already been deleted.
The organizers of the event announced this breaking news via a tweet:
Vincenzo Iozzo and Ralf Philipp Weinmann successfully exploit the iPhone via Safari! Their payload pulled the SMS database.
Though they hacked an iPhone 3GS running iPhone OS 3.1.3, it affects security of all iPhones.
Folks at Threadpost have provided some more details from the event:
The exploit crashed the iPhone's browser session but Weinmann said that, with some additional effort, he could have a successful attack with the browser running.
Weinmann explained:
"Basically, every page that the user visits on our [rigged] site will grab the SMS database and upload it to a server we control."
Vincenzo Iozzo (32) and Ralf Philipp Weinmann (22) found the vulnerability and also to wrote the exploit. They also got assistance from Halvar Flake, a renowned security researcher.
According to Flake:
“The biggest hiccup was bypassing the code-signing mitigation implemented by Apple on its flagship mobile device.
This exploit doesn't get out of the iPhone sandbox but noting that an attacker can do enough damage without escaping from the sandbox
Apple has pretty good counter-measures but they are clearly not enough. They way they implement code-signing is too lenient.”
In addition to hijacking the SMS database, Weinmann believes that the exploit could have also hijacked the phone contact list, photographs and iTunes music files though he wasn’t sure if it would be able to hijack emails.
Weinmann and Iozzo won a cash prize of $15,000 and also get to keep the hacked iPhone.
It will be interesting to see when Apple releases an update to close the exploit as it sounds quite scary that a rigged site could get access to your personal data on the iPhone.
Let us know your thoughts in the comments.
[via Threadpost]
all i have to say is WOW!!!
Волков боятьса – в лес не ходить.
If you scared wolves, then how did you get to a forest?
Hey Apple, time to approve the Opera Mini browser as a safer web experience? Lol.
Defenetly apple should approve browser alternatives. Specialy when they canot provide secure one.
Agreed! Apple is now forcing us to use insecure software that gives out our info to whomever asks and is refusing to allow competition. I wish there were laws protecting us against this kind of thing.
At least Apple can't claim that Opera 'duplicates functionality' of their own dodgy Slowfari now
hey did they mentioned if the Dev Team or Geohot won?lol
really cool
Thank You, Thank You, Thank You
Come om guys Lets USD this exploit before they close it Greets joris