ID: IRCNE2012081583
Date: 2012-08-18
According to "zdnet", a security research who goes by the handle "pod2g" has found a serious security vulnerability in the way iOS devices handle SMS messages, warning that this could be exploited by online criminals.
The flaw, which the researcher describes as "severe," exists since the beginning of the implementation of SMS in the iPhone, and is still there in iOS 6 beta 4.
According to a post on pod2g's blog, an attacker can exploit this flaw to send an SMS that seems to come from the receiver's bank asking for sensitive information or luring them to a maliciously rigged web site. In another scenario, an attacker could send a spoofed text message to an iPhone user to use as false evidence; or send spoofed messages to manipulate iPhone users into thinking they are receving legitimate SMS messages.
Because of the severity of this flaw, pod2g is calling on Apple to fix this issue before the final release of iOS 6.
- 2