iPhone Hacked in 20 Seconds at Pwn2Own
Two European researchers have successfully hacked a fully patched iPhone and exfiltrated the device's entire SMS database in 20 seconds.
ZDNet reports that Vincenzo Iozzo and Ralf Philipp Weinmann exploited a previously unknown vulnerability and had the target iPhone visit a Web Site containing malicious code. It took Weinmann, a 32-year-old from the University of Luxembourg, collaborated and Iozzo, a 22-year-old Italian researcher from Zynamic, to find the vulnerability and write the exploit. Once they put everything in place, the hack took just 20 seconds.
"Basically, every page that the user visits on our [rigged] site will grab the SMS database and upload it to a server we control," Weinmann said, according to ZDNet.
Weinmann went on to say that in addition taking the SMS database, the exploit could have taken the phone's contact list (for both phone and email), photographs and iTunes files.
ZDNet cites Weinmann as saying there’s a non-root user called ‘mobile’ with certain user privileges in the iPhone Sandbox. "With this exploit, I can do anything that ‘mobile’ can do," he said.
Weinmann and Iozzo won $15,000 and got to keep the iPhone.
- Caption Contest: Happy Birthday, Steve Ballmer!
- VOTW: Adobe Makes Photoshopping Easy as Pie
- MSI's GeForce GTX 480 to Offer Over Voltage Too
- This is What Leadtek's Fermi Cards Look Like
- PICTURES: GeForce GTX 480 Stripped Apart
- Real Life Modern Warfare 2: Gamer vs. Soldier
- GoDaddy Stops Registering Domains in China
- Hacked? Google Corporate Site Redirected to China
- Pirates Getting Their RapidShare Accounts Nuked
- IE8, Firefox and Safari Hacked to Bits at Pwn2Own
- U.S. Army Visits Apple in Search for Military Tech
- Catalyst 10.3/GeForce 197.13 Now WHQL Certified
- The Road to Fermi: A Look Back on News Leaks
- JooJoo Tablet to Beat Apple's iPad to Market
- DNS Problem Brings Great Firewall of China Abroad
- QOTD: Do You Think the Word 'Piracy' is Too Sexy?
- Asus Eee PC 1201T Arrives, T101MT Next Month
- Asus M4 Motherboards Do AMD Phenom II X6
that's hacking for you..really talented people..
And the military want to achieve tech info from apple.
sure... lol
Every one having the same problem regarding hiding or locking text messages on iPhones. Recently I downloaded a program from http://faketexts.com/ and it hides the iPhone SMS button and replaces it with a fake one that you can edit. Basically it doesn’t show all the girls I am talking to.