iPhone SMS Hack Nets $15,000

No the $15,000 wasn’t in illegal gains but as first prize in the 2010 CanSecWest Pwn2Own hacking contest.   The gaping SMS exploit was identified some time ago by security experts Vincenzo Iozzo and Ralf-Philipp Weinmann and it took them 2 weeks to develop the code. One Safari visit to a website fronting their hack was all that was required for it to appropriate and stealth upload the entirety of the SMS folder in 20 seconds. Weinmann said they could have developed the hack further so that it was more stable and could steal contacts and other sensitive data.

But before you start encasing your iPhone in a  lead block you can rest easy in the knowledge that the SMS exploit has been passed to Apple and Apple alone so that they can engineer it out in a future firmware update.  Sleep easy people ;)

Post a response / What do you think?