• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Hijacking All iPhones via SMS
    Cybersecurity researchers Charlie Miller and Collin Mulliner discovered how to completely hijack any iPhone via SMS. Tomorrow (Thursday) they plan on publicize and reveal the vulnerability at the Black Hat cybersecurity conference in Las Vegas. They will be demonstrating how to send a series of SMS burst to the iPhone which will allow them to take complete control of EVERYTHNIG on the device and then propagate the attack by sending more SMS messages via the hijacked iPhone. According to Miller
    This is serious. The only thing you can do to prevent it is turn off your phone . . . Someone could pretty quickly take over every iPhone in the world with this.
    Since Apple has yet to address this iPhone vulnerability even though Miller and Mulliner notified Apple over a month ago. Miller suggests that if you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character you should turn the device off immediately.

    This vulnerability should be heeded and patched by Apple asap (3.1 firmware anyone?). Miller knows his stuff, he was the first one to remotely hjack the iPhone in 2007 via the former bug in iPhone Safari -- old skool, as in jailbreakme.com old skool

    via forbes thx steven and jcrod73 for the tip
    This article was originally published in forum thread: Hijacking All iPhones via SMS started by Cody Overcash View original post
    Comments 250 Comments
    1. chaingang54's Avatar
      chaingang54 -
      Quote Originally Posted by Rescuer View Post
      Yes! Thank you!
    1. StealthBravo's Avatar
      StealthBravo -
    1. ugshotgun's Avatar
      ugshotgun -
      Quote Originally Posted by rbjscv View Post
      if you're jailbroken, and have iBlacklist installed and properly configured, then there is no way the SMS hackers will control your phone.

      simple?
      \

      Sounds Logical; I'm setting my iBlacklist to block/delete all calls/texts/mms's that are not in my phone book. At least this makes me feel a little more at ease...
    1. Happy Noodle Boy's Avatar
      Happy Noodle Boy -
      Quote Originally Posted by lillewis51 View Post
      wait.... if only they know about it how is the exploit going public unless they release it? and why would they do that?
      Security firms do this all the time. They scout for exploits and reveal it (privately) to the company with a month or two window to fix it. If the company ignores it, then they basically go "you need to fix this" and rather than wait for someone to figure it out and cause some real harm they release the exploit to the public, basically forcing the company to release a fix.
    1. sungod661's Avatar
      sungod661 -
      guys this is b.s you think someone is going to randomly sms you and get into your phone to steal all your important info like the caramel secret lol.

      i'm sure the securities of the phone could be exploited anything is possible but there is just no use for someone do take over youre crappy phone. you arent that important relax.....

      breathe its going to be ok
    1. StealthBravo's Avatar
      StealthBravo -
      You never know. Hackers attack sites all the time for no valid reason
    1. PhoneLine's Avatar
      PhoneLine -
      More then likely though most people will get the message from another phone that gets infected if you get it at all.

      So if an infected phone sends it out to all that phones contacts there is a good chance you'll get it from someone that has you as a contact and then it's likely you have them and the SMS will come through.
    1. equlizer's Avatar
      equlizer -
      Quote Originally Posted by ugshotgun View Post

      Sounds Logical; I'm setting my iBlacklist to block/delete all calls/texts/mms's that are not in my phone book. At least this makes me feel a little more at ease...
      Just did the same with Mcleaner. Hope its good enough

      EDIT: Guess i should block all incoming SMS messages for the next few days then Luckily I dont use SMS much.
      EDIT2: No one on my contact list has an iphone except for me :P
    1. StealthBravo's Avatar
      StealthBravo -
      If someone does get this text, please grab a screenshot before shutting it down.
    1. PhoneLine's Avatar
      PhoneLine -
      The blacklisting programs though really just filter the message. It still arrives on the phone, it's not technically blocked from getting to the device.

      So I'm not sure if those apps will be effective in stopping it
    1. ronzo's Avatar
      ronzo -
      This sounds a lot like the time they sold all that plastic and duct tape!
      I hope it's not true...I'd really be bummed out if someone got a hold of my important food shopping list!!
    1. StealthBravo's Avatar
      StealthBravo -
      ^ True and the worst part about it is that you won't know it happened and go about your merry way while your phone is hacked
    1. PhoneLine's Avatar
      PhoneLine -
      I wonder it AT&T can put a block on their systems which would prevent the text from being delivered?
    1. blkeagle1's Avatar
      blkeagle1 -
      are belong to us.
    1. Cer0's Avatar
      Cer0 -
      Quote Originally Posted by PhoneLine View Post
      More then likely though most people will get the message from another phone that gets infected if you get it at all.

      So if an infected phone sends it out to all that phones contacts there is a good chance you'll get it from someone that has you as a contact and then it's likely you have them and the SMS will come through.
      As far as I know none of my contacts have iPhones. I at least don't have to worry to much of me spreading it past mine to my contacts because of their lack of iPhones if I get it sent to me via someone else's iPhone contacts.

      Just like before hopefully if Apple doesn't fix it maybe the JB community will. They fixed the browser exploit after he announced it, after you used it to JB your device . So JBing actually may keep you protected if the community fixes it before Apple.
    1. pacmac's Avatar
      pacmac -
      Quote Originally Posted by StealthBravo View Post
      If someone does get this text, please grab a screenshot before shutting it down.


      iCrap it has begun...


      this sucks..dear apple stop rejecting cool apps GV ect..and get to work
    1. mobsta's Avatar
      mobsta -
      damn im kinda sorta scared for my phone..
    1. pacmac's Avatar
      pacmac -
      Quote Originally Posted by chaingang54 View Post
      Anything for the mods on this forum! LOL...You will probably be the first attaced, but wait are t-mobile users free to go since they arn't under the same server as ATT?
      your a target too..its the 0S not the server
    1. equlizer's Avatar
      equlizer -
      Someone else posted in another thread and iduno why i didnt think about this. How do they know they are sending the text message(s) to an iphone and not a Nokia N95 or whatever? The only way possible i think is if they have access to apples database.
    1. Drummr's Avatar
      Drummr -
      Is this going to be sent from another phone or from a computer, because T-Mobile has a setting that blocks texts from email/computers.