• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Hijacking All iPhones via SMS
    Cybersecurity researchers Charlie Miller and Collin Mulliner discovered how to completely hijack any iPhone via SMS. Tomorrow (Thursday) they plan on publicize and reveal the vulnerability at the Black Hat cybersecurity conference in Las Vegas. They will be demonstrating how to send a series of SMS burst to the iPhone which will allow them to take complete control of EVERYTHNIG on the device and then propagate the attack by sending more SMS messages via the hijacked iPhone. According to Miller
    This is serious. The only thing you can do to prevent it is turn off your phone . . . Someone could pretty quickly take over every iPhone in the world with this.
    Since Apple has yet to address this iPhone vulnerability even though Miller and Mulliner notified Apple over a month ago. Miller suggests that if you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character you should turn the device off immediately.

    This vulnerability should be heeded and patched by Apple asap (3.1 firmware anyone?). Miller knows his stuff, he was the first one to remotely hjack the iPhone in 2007 via the former bug in iPhone Safari -- old skool, as in jailbreakme.com old skool

    via forbes thx steven and jcrod73 for the tip
    This article was originally published in forum thread: Hijacking All iPhones via SMS started by Cody Overcash View original post
    Comments 250 Comments
    1. PhoneLine's Avatar
      PhoneLine -
      I read up on it a bit and it seems that it gives the sender of the sms root access. Any chance perhaps those that jailbroke and have changed the root/mobile passwords would be a little safer?

      This is not my cup of tea, just since the jailbreakers have more access to the phone then the regular user, I'm thinking maybe there is a way for us to combat this before the apple patch is released?
    1. dale1v's Avatar
      dale1v -
      Errr well that sucks.
    1. kingskid07's Avatar
      kingskid07 -
      I wonder... after turning it off, will rebooting it fix the problem?
    1. Bernie-Mac's Avatar
      Bernie-Mac -
      Quote Originally Posted by PhoneLine View Post
      I read up on it a bit and it seems that it gives the sender of the sms root access. Any chance perhaps those that jailbroke and have changed the root/mobile passwords would be a little safer?

      That makes sense. It sounds like it would work and if it does it would be a big "suck it" to all the non-jailbroken jailbreak bashers out there. At least my jailbroken 3GS isnt going to be hacked and used towards world domination
    1. PhoneLine's Avatar
      PhoneLine -
      Quote Originally Posted by kingskid07 View Post
      I wonder... after turning it off, will rebooting it fix the problem?
      Well, it will probably disconnect their access till they send you another SMS with the flaw again. But if you get the text at 3am and your sleeping, the person can have full access till you notice the message.

      Maybe AT&T can block the text from coming through, since they seem to be so good at blocking things. Not a help to those unlocked, but its a start
    1. DjPrayz's Avatar
      DjPrayz -
      This is not good.
    1. Sniper366's Avatar
      Sniper366 -
      can anyone point me to a tutorial or forum regarding changing the root password on a 3GS. so long, alpine!
    1. chaingang54's Avatar
      chaingang54 -
      LOL I posted this first I should get credit!
      http://www.modmyi.com/forums/general...r-hackers.html
    1. fungusfeet's Avatar
      fungusfeet -
      credit? what can you buy with this credit?
    1. zoolander369's Avatar
      zoolander369 -
      Yikes.
    1. GregTheWang's Avatar
      GregTheWang -
      OMGWTFBBQ OUR iPHONES ARE AT RISK. ARM THE NUCLEAR WEAPONS!
    1. ianbroste's Avatar
      ianbroste -
      the drug dealers and cell tower destroyers are one step closer!!!!!!!!!!!!!
    1. JedixJarf's Avatar
      JedixJarf -
      Quote Originally Posted by Sniper366 View Post
      can anyone point me to a tutorial or forum regarding changing the root password on a 3GS. so long, alpine!
      Just install terminal on your phone or SSH into it and su root, then type passwd and it will prompt you for a new pass.
    1. blkcadi's Avatar
      blkcadi -
      Scary, just scary. OMG
    1. PhoneLine's Avatar
      PhoneLine -
      I'm guessing we won't know if changing the root password will help until after the exploit is made public.

      I've always thought changing it from the default was a good thing though either way.
    1. Melech518's Avatar
      Melech518 -
      im changing my password to binary
    1. StealthBravo's Avatar
      StealthBravo -
      I don't think changing the password will help. LMAO
    1. Rescuer's Avatar
      Rescuer -
      Quote Originally Posted by chaingang54 View Post
      LOL I posted this first I should get credit!
      http://www.modmyi.com/forums/general...r-hackers.html
    1. mobsta's Avatar
      mobsta -
      if u get that text will removing the sim card stop it???

      instead of turning off cuz taking out the sim is quicker
    1. Rescuer's Avatar
      Rescuer -
      let all your friends with iphones know about this, then send them a text message tomorrow with a single dot to scare them!