ID: IRCNE2012091623
Date: 2012-09-21
According to "cnet", Dutch and British hackers compromised an iPhone 4S and a Samsung Galaxy S3, respectively, in separate gambits as part of a mobile Pwn2Own contest at a security conference in Amsterdam this week.
Joost Pol, chief executive officer of Dutch research firm Certified Secure, and colleague Daan Keuper created an exploit that allowed them to hijack the address book, photos, browsing history and videos from a fully patched iPhone 4S at the EuSecWest conference, according to CNET sister site ZDNet.
"We specifically chose this one because it was present in iOS 6 which means the new iPhone coming out [this week] will be vulnerable to this attack," Pol said, adding that the exploit also works on the iPad, iPhone 4 and iPod Touch. Despite that, he says the iPhone is the most secure mobile device on the market.
Meanwhile, a team from U.K.-based MWR Labs beamed a malicious file via NFC (near-field communications) technology to a Samsung Galaxy S3 running Android 4.0.4 that exploited a previously unknown vulnerability in the document viewer in the operating system, and then gained full access to the data via another unknown hole, according to another ZDNet report. The attack could also be accomplished by sending a target malicious e-mail attachments or URLs instead of using NFC.
- 2