• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

News Mobile phones attacked via spoofed SMS messages

Researchers at the Black Hat security conference on Thursday showed how an attacker could spoof a type of SMS message that appears to be sent from the carrier or some other trusted source.

This attack on MMS (multimedia messaging service) messages, a type of SMS message, could allow an attacker to trick the recipient into visiting a malicious Web site or ultimately do something else to harm the phone or steal data.

The attacks work potentially on any type of phone that is MMS-enabled and operating on Global System for Mobile communications (GSM) networks, said Zane Lackey, a senior consultant at ISEC Partners, and independent researcher Luis Miras.

They used a jailbroken iPhone for their demos of their proof-of-concept code that allows for bypassing carrier protections for SMS communications by sending specially crafted MMS messages.

SMS communications are used by carriers to do administration on the phone and contact customers. For example, voice mail notifications are often delivered over SMS, according to Lackey.

:source: News Source: Cnet

UPDATE:
Another SMS hack that could be used to send messages, or generally do anything on another person's iPhone has been fixed by Apple and owners should consider updating immediatly by connecting it to their computers. Rumours suggest that this update will undo any jailbreaks so if you have already crossed that line, be aware!
 
Last edited by a moderator:

Comments

#2
So it seems they have just learnt to send junk mail?
And I think the main use of SMS messages is actually for teenage girls to inform each and everyone of their friends that they are 100m further down the road than they were in their previous message.
 
#3
I think the real issue is actually mentioned later in the article:

SMS attacks are getting easier because iPhones and Android devices are easily modified and because SMS functionality has been built at higher layers that provide full access to an attacker, said Lackey.

The researchers also said they uncovered an SMS implementation flaw that they exploited to temporarily crash the phone process of an Android phone so no calls or texts could be sent or received. Google fixed that flaw, they said.
The iPhone looks like it can also be crashed by a "text" message:
http://news.cnet.com/8301-27080_3-10299378-245.html

Feeling pretty smug about Windows Mobile right now, which is a new sensation I will admit ;)
 
#7
He mentioned blogging on his blog or wordpress, but my return came a little late to really organise very much. He didn't want to use his osnn logon anywhere for failry obvious reasons ;)
 

Members online

Latest posts

Latest profile posts

Perris Calderon wrote on Electronic Punk's profile.
Ep, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there https://tinyurl.com/ycpxl
Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,962
Messages
673,240
Members
89,016
Latest member
chadgymenu

Members online

Latest posts

Latest profile posts

Perris Calderon wrote on Electronic Punk's profile.
Ep, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there https://tinyurl.com/ycpxl
Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,962
Messages
673,240
Members
89,016
Latest member
chadgymenu