CRM News: iPhone: Hackers Could Hijack Your iPhone

Hackers Could Hijack Your iPhone

By Erika Morphy
MacNewsWorld
Part of the ECT News Network
07/23/07 11:42 AM PT

iPhone users will have to be just as vigilant in following "safe surfing" practices as PC users if they want to avoid having their systems taken over by hackers. A newly identified vulnerability in the Safari browser is among the first serious holes that could be exploited -- but given the device's popularity, more are almost sure to follow.

eMarketer Whitepaper: Optimizing the E-Commerce Experience
From the Web to the Contact Center, are you prepared to proactively engage and keep your savvy customers? Read how e-commerce leaders are optimizing their sites with ratings, reviews, live help, Web analytics, mobile and more.

A hole in the iPhone's security apparatus could allow a hacker to take complete control of the device, warn researchers at Independent Security Evaluators, who identified the flaw.

The exploit is delivered via a malicious Web page opened in the Safari browser on the iPhone, according to ISE. There are at least three vectors from which a device could be infected:

An attacker-controlled wireless access point: The iPhone learns access points by name (SSID, or service set identifier). Therefore, if a user ever gets near an attacker-controlled access point with the same name and encryption type as an access point previously trusted by the user, the iPhone will automatically use the malicious access point. This allows the attacker to add the exploit to any Web page browsed by the user by replacing the requested page with a page containing the exploit.

A misconfigured forum Web site: If a Web forum's software is not configured to prevent users from including potentially dangerous data in their posts, an attacker could cause the exploit to run in any iPhone browser that viewed the thread.

A link delivered via e-mail or SMS (short message service): If an attacker can trick a user into opening a Web site that the attacker controls, the attacker can easily embed the exploit into the main page of the Web site.

Admin Privileges

Once the browser opens the malicious Web page, arbitrary code embedded in the exploit is run with administrative privileges. In ISE's proof of concept, this code reads the log of SMS messages, the address book, the call history and the voice mail data, and then transmits the information to the attacker.

However, code could be embedded to interfere with anything that the iPhone can do, notes ISE.

"It could send the user's mail passwords to the attacker, send text messages that sign the user up for pay services or record audio that could be relayed to the attacker," the firm says.

"As is described in the preliminary research paper, the attack isn't necessarily a serious vulnerability," Shane Coursen, senior technical consultant at Kaspersky Lab, told MacNewsWorld. "What is more serious is that all applications ... are being given administrator privileges." Coursen added the caveat that these statements are subject to ISE's research holding up under peer review.

No Surprise

The discovery is hardly causing shock waves in the security community. The iPhone has an unusually high profile, and there is a temptingly large number of people who already own the device. Also, smartphones are increasingly vulnerable to hacks, given their sophisticated computing processes.

The Safari browser is the obvious chink in the iPhone's armor, David Finger, product marketing manager for TrendMicro, told MacNewsWorld.

"By making Safari available on the Windows platform, Apple (Nasdaq: AAPL) has made it much more likely for hackers to target the OS," he said, referring to Windows' huge share of the market compared to the Mac's.

Apple will probably be able to close the hole, Finger added, "but the fact that they found it shows the iPhone is not invulnerable -- and, perceptually, that is important."

While the iPhone's popularity leaves its users particularly vulnerable to unwelcome attention from the world's malware community, the larger threat applies to every smartphone owner.

"Yes, Apple is a huge brand and the race is, no doubt, now on to exploit the vulnerability," Mark Sunner, chief security analyst at MessageLabs, told MacNewsWorld. "But the bigger problem is not the iPhone in particular, but the fact that small handheld devices are becoming mini-computers in functionality. As with laptops, as the devices become more sophisticated, the potential for exploited vulnerabilities increases in tandem."

WiFi poses a huge potential threat for smartphones, Kaspersky's Coursen pointed out.

"Once we start to see more cafe-style WiFi hotspots and more WiFi-enabled smartphones, rogue hotspots are going to be a big headache," he predicted.

Modifying Behavior

What this all means is that users of any smartphone device will have be trained to be just as careful on the phone as they are online, said Ron O'Brien, security analyst for Sophos.

"Ultimately, it is the behavior of the user that leads to the vulnerability being exploited," he told MacNewsWorld. "Browsing to an infected site or logging onto a fictitious WiFi site requires user interaction. Such exposure is typical of a laptop or any portable device that allows access to the Internet."

Smartphones hold more than enough personal data that is of interest to hackers. As for the iPhone specifically, it has now been proven that it can act as a physical vector.

"Having control over a device that allows the sending of spam is quite powerful," Coursen remarked.

Though common sense precautions could alleviate many of the risks, he has his doubts that any will be quickly adopted en masse.

"The ISE gives several best-practice suggestions, all of which will work perfectly to avoid the exploits they have described in their paper," Coursen said. "Unfortunately, the suggestions mirror those given to PC users for many years -- yet we still see PC users falling victim now and again."

Next Article in iPhone

Apple vs. Zonbu, the Death of Image Management, Product of the Week
July 23, 2007

Now, let's be clear: For me to get excited about a Linux desktop product is an event similar to hell freezing over, so it is worth at least going to the vendor site and checking it out. The hardware is based on Via Technologies' C7 chip, is fanless, pulls about 10 watts and comes bundled with a complete set of applications. The Web 2.0 part refers to the fact it doesn't have a hard drive but works off 4 GB of flash.

More by Erika Morphy

Ballmer Gives Shareholders - and Dell - Cause for Optimism
November 20, 2009

Microsoft CEO Steve Ballmer was all smiles at the company's shareholders meeting, as he touted the early success of Windows 7. Ballmer's cheer may have been contagious; after posting a massive earnings decline for the third quarter, Dell needed some good news to latch onto, and the prospect of broad enterprise adoption of Windows 7 could spur PC sales.

AA.com Sucks the Fun Out of Trip-Planning
November 20, 2009

Using AA.com to book a flight was a painful experience. Densely packed, disorganized information was displayed in an unattractive format. On the plus side, it did seem as though the deals American Airlines advertised were real and not mere bait-and-switch lures. For anyone who wants a travel-planning Web site to inject a little pleasure into the experience, though, I say look elsewhere.

Salesforce.com Pumps Up Volume of Workplace Chatter
November 19, 2009

Salesforce.com has developed a collaboration platform that puts social networking to work. Salesforce Chatter facilitates employee collaboration on projects through Facebook-like profiles, status updates, feeds and groups. The question remains whether employees will be as open to social networking in the workplace as they are in their personal lives.

[Search More...]

Hacker	Activate Alert \| Search Archives

Apple	Activate Alert \| Search Archives

MessageLabs	Activate Alert \| Search Archives

WiFi	Activate Alert \| Search Archives

Sophos	Activate Alert \| Search Archives