Charlie Miller, the hacker who discovered a hole in the new Apple Safari in ten seconds in the Pwn2Own contest, can now take complete control of your iPhone by merely sending a text message. And no, you don’t even have to open it!
Once he takes control, Miller can exploit the hole to make calls, steal data, send text messages, and do basically anything that the user can do with his iPhone. And no, the handset doesn’t need to be jailbroken and the latest OS 3.0 update will not save you.
Miller and his partner Collin Mulliner demonstrated this scary scenario to CNET writer Elinor Mills at the Black Hat Security Conference on Wednesday. Don’t worry about them hacking your device, though: the two are professional researchers with a security firm and are just showing Apple the many security loopholes in its device.
CNET’s Mills described how it happened: “While I was talking on the phone to Charlie Miller, his partner, Collin Mulliner, sent me a text message from his phone. One minute I’m talking to Miller and the next minute my phone is dead, and this time it’s not AT&T’s fault. After a few seconds it came back to life, but I was not able to make or receive calls until I rebooted.”
The attack is enabled by a serious memory corruption bug in the way the iPhone handles SMS messages, said Miller, a senior security researcher at Independent Security Evaluators.
There is no patch, despite the fact that Apple was notified of the problem about six weeks ago, he said. All current versions of the iPhone operating system are affected.
Asked what an iPhone user can do when attacked, Miller replied: “Rebooting wouldn’t be a bad idea. It would stop all but the most sophisticated attacker. However, it doesn’t take but a second to grab all your personal info from the device, and as soon as you turn it back on, the bad guy could attack you again. That’s why I think this is so serious.”
Miller and Mulliner have also discovered similarly grave vulnerabilities in Android and Windows Mobile, and will be demonstrating them to the concerned authorities so that the companies can issue patches.