News Mobile phones attacked via spoofed SMS messages

Discussion in 'Portable Devices & Gadgets' started by Dark Atheist, Jul 31, 2009.

  1. Dark Atheist

    Dark Atheist Moderator Political User Folding Team

    Messages:
    6,376
    Location:
    In The Void
    Researchers at the Black Hat security conference on Thursday showed how an attacker could spoof a type of SMS message that appears to be sent from the carrier or some other trusted source.

    This attack on MMS (multimedia messaging service) messages, a type of SMS message, could allow an attacker to trick the recipient into visiting a malicious Web site or ultimately do something else to harm the phone or steal data.

    The attacks work potentially on any type of phone that is MMS-enabled and operating on Global System for Mobile communications (GSM) networks, said Zane Lackey, a senior consultant at ISEC Partners, and independent researcher Luis Miras.

    They used a jailbroken iPhone for their demos of their proof-of-concept code that allows for bypassing carrier protections for SMS communications by sending specially crafted MMS messages.

    SMS communications are used by carriers to do administration on the phone and contact customers. For example, voice mail notifications are often delivered over SMS, according to Lackey.

    :source: News Source: Cnet

    UPDATE:
    Another SMS hack that could be used to send messages, or generally do anything on another person's iPhone has been fixed by Apple and owners should consider updating immediatly by connecting it to their computers. Rumours suggest that this update will undo any jailbreaks so if you have already crossed that line, be aware!
     
    Last edited by a moderator: Aug 1, 2009
  2. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    So it seems they have just learnt to send junk mail?
    And I think the main use of SMS messages is actually for teenage girls to inform each and everyone of their friends that they are 100m further down the road than they were in their previous message.
     
  3. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    I think the real issue is actually mentioned later in the article:

    The iPhone looks like it can also be crashed by a "text" message:
    http://news.cnet.com/8301-27080_3-10299378-245.html

    Feeling pretty smug about Windows Mobile right now, which is a new sensation I will admit ;)
     
  4. Jewelzz

    Jewelzz OSNN Godlike Veteran

    Messages:
    10,977
    Location:
    California
    I love my iPhone!
     
  5. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    X-istence is at black hat, so will very likely love it too shortly :D
     
  6. falconguard

    falconguard Carbon based lifeform Political User Folding Team

    Messages:
    3,406
    Location:
    SoCal
    In official capacity? Or as just another expose the fed playa? Are we going to get a blog like last time?
     
  7. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    He mentioned blogging on his blog or wordpress, but my return came a little late to really organise very much. He didn't want to use his osnn logon anywhere for failry obvious reasons ;)
     
  8. falconguard

    falconguard Carbon based lifeform Political User Folding Team

    Messages:
    3,406
    Location:
    SoCal
    yeah that whole Iphone thing. He'd get used..:eek:
     
  9. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
  10. Jewelzz

    Jewelzz OSNN Godlike Veteran

    Messages:
    10,977
    Location:
    California
    Thank EP, I'm downloading and installing the patch now
     
  11. Gigabot

    Gigabot OSNN Senior Addict

    Messages:
    406
    Location:
    USA
    Darn, it's patched now! I was going to have X-istence create an app that sends fart bombs to every iPhone in the world via SMS. :(
     
  12. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    I believe that is one of the must-have iPhone applications anyway.