• SMS Spoofing Vulnerability Discovered in iOS Platform by pod2g

    by
    Akshay Masand
    Published on 2012-08-18 12:05 PM
    18 Comments Comments


    The popular iOS hacker and security researcher, pod2g, recently revealed a newly-discovered security issue that is found in all versions of iOS. The security issue could allow malicious parties to spoof SMS messages, making the recipient think that a message came from a trusted sender, when it in fact did not. The issue is related to iOS’ handling of User Data Header (UDH) information, an optional section of a text payload that allows users to specify certain information such as changing the reply-to number on a message to a different number. The iPhone’s handling of this optional information could leave recipients open to targeted SMS spoofing attacks. Pod2g mentioned the following regarding the vulnerability:

    In the text payload, a section called UDH (User Data Header) is optional but defines lot of advanced features not all mobiles are compatible with. One of these options enables the user to change the reply address of the text. If the destination mobile is compatible with it, and if the receiver tries to answer to the text, he will not respond to the original number, but to the specified one.

    Most carriers don't check this part of the message, which means one can write whatever he wants in this section : a special number like 911, or the number of somebody else.

    In a good implementation of this feature, the receiver would see the original phone number and the reply-to one. On iPhone, when you see the message, it seems to come from the reply-to number, and you [lose] track of the origin.
    There are several ways malicious parties could take advantage of this vulnerability ranging from phishing attempts linking users to sites collecting personal information or spoofing messages for the purpose of creating false evidence. In many cases, the malicious party would need to know the name and number of a trusted contact of the recipient in order for their efforts to be effective, but the example shows how malicious parties could cause harm to innocent consumers. One way to currently discover or prevent becoming a victim would be to reply to any suspicious message as the return message would go to the familiar contact rather than the malicious one. That being said, doing so would only be a temporary solution to make sure someone isn't spoofing texts.

    The issue is still an important one and pod2g is trying to bring this to the attention of Apple in hopes of having the Cupertino California company patch the flaw in their mobile operating system.

    Source: pod2g (blog)
    This article was originally published in forum thread: SMS Spoofing Vulnerability Discovered in iOS Platform by pod2g started by Akshay Masand View original post
    1. Categories:
    2. iPhone,
    3. iOS,
    4. Apple
    Comments 18 Comments
    1. Colin9001's Avatar
      Colin9001 - 2012-08-18, 02:35 PM
      LOLOL. Apple probably hates Pod2G.
    1. wiipro's Avatar
      wiipro - 2012-08-18, 02:43 PM
      Wow

      *breathless*
    1. Delerowen's Avatar
      Delerowen - 2012-08-18, 03:01 PM
      Quote Originally Posted by Colin9001 View Post
      LOLOL. Apple probably hates Pod2G.
      Actually, this is the reason why Apple should love pod2g. This is exactly what security researchers do. They usually do it in a private manner to Apple themselves but he felt this urgent enough to make public.
    1. NakedFaerie's Avatar
      NakedFaerie - 2012-08-18, 03:12 PM
      Apple don't do anything in private. They ignore it and hope it goes away so you need to make things public so they get off their pile of money and do something about it.
      They think their systems are unhackable and virus proof but they are way off.
    1. tongxinshe's Avatar
      tongxinshe - 2012-08-18, 03:30 PM
      Quote Originally Posted by NakedFaerie View Post
      Apple don't do anything in private. They ignore it and hope it goes away so you need to make things public so they get off their pile of money and do something about it.
      They think their systems are unhackable and virus proof but they are way off.
      They are not stupid. There is no way they really think their systems are immune to virus. They are simply making use of a statistic fact in their favor on surface and hope it attracts more customers. Internally they definitely know the technical reality.
    1. iNT3Rv3NTiONZz's Avatar
      iNT3Rv3NTiONZz - 2012-08-18, 04:15 PM
      Quote Originally Posted by Colin9001 View Post
      LOLOL. Apple probably hates Pod2G.
      Hate him? Did you read the article? They can't thank him enough for finding a security flaw, which they can now fix, thus making iOS even more secure. You mad bro?
    1. mmaboi21's Avatar
      mmaboi21 - 2012-08-18, 04:46 PM
      Great advertisement for people wanting to jack my phone up.
    1. Micturition's Avatar
      Micturition - 2012-08-18, 05:47 PM
      The funny thing is that nobody thinks it could possibly be there on purpose. Patriot Act? Has anyone checked Android Blackberry WP7? Maybe they need to redirect some messages to there server, where they scan for potentially threatening messages or signs of terrorism, and if clean they just re-spoof and send it to the original recipient. Just a thought
    1. H4CK3R's Avatar
      H4CK3R - 2012-08-18, 06:18 PM
      Quote Originally Posted by Micturition View Post
      The funny thing is that nobody thinks it could possibly be there on purpose. Patriot Act? Has anyone checked Android Blackberry WP7? Maybe they need to redirect some messages to there server, where they scan for potentially threatening messages or signs of terrorism, and if clean they just re-spoof and send it to the original recipient. Just a thought
      I doubt it, probably just another one of Apple's mistakes in the software.
    1. MooShoo's Avatar
      MooShoo - 2012-08-18, 06:44 PM
      Quote Originally Posted by NakedFaerie View Post
      Apple don't do anything in private. They ignore it and hope it goes away so you need to make things public so they get off their pile of money and do something about it.
      They think their systems are unhackable and virus proof but they are way off.
      Really? Apple always ignores the security issues and pushes out updates? Is that why there is an IOS update every month that we have to avoid so we can keep our jailbreak? Very ignorant statement.
    1. Anonymous's Avatar
      Anonymous - 2012-08-18, 07:38 PM
      Quote Originally Posted by MooShoo View Post
      Really? Apple always ignores the security issues and pushes out updates? Is that why there is an IOS update every month that we have to avoid so we can keep our jailbreak? Very ignorant statement.
      Ignore the troll.
    1. oraaron's Avatar
      oraaron - 2012-08-18, 08:06 PM
      Quote Originally Posted by Colin9001 View Post
      LOLOL. Apple probably hates Pod2G.
      Apple is a company. Certain employees are probably as appreciative of this as I am, while I'm sure others ignorantly wish no one would ever discover their lapses. You can't just assume "Apple" prefers ignorant bliss, especially based on their impressive response times to similar issues in the past.
    1. Anthony Bouchard's Avatar
      Anthony Bouchard - 2012-08-18, 09:14 PM
      Apple responded to the flaw by telling users that they should use iMessage wherever possible and exercise caution when using SMS. iMessage verifies sender information before delivering it to the victim.
    1. Breezy215's Avatar
      Breezy215 - 2012-08-18, 10:05 PM
      Quote Originally Posted by iNT3Rv3NTiONZz View Post
      Hate him? Did you read the article? They can't thank him enough for finding a security flaw, which they can now fix, thus making iOS even more secure. You mad bro?
      I think what he meant by that is that they(Apple) probably hates him because he finds many "flaws" in ios, an operating system that Apple brags & boasts on how secure & fool proof it is...Pod2g u rock bro!
    1. Orby's Avatar
      Orby - 2012-08-18, 10:27 PM
      Quote Originally Posted by Anthony Bouchard View Post
      Apple responded to the flaw by telling users that they should use iMessage wherever possible and exercise caution when using SMS. iMessage verifies sender information before delivering it to the victim.
      "Use our proprietary product!" is Apple's answer to a fairly serious security flaw in their implementation of an open standard with far more global application and use than their own?

      ...why am I not feeling the least inkling of surprise?
    1. sziklassy's Avatar
      sziklassy - 2012-08-19, 12:03 AM
      Quote Originally Posted by MooShoo View Post
      Really? Apple always ignores the security issues and pushes out updates? Is that why there is an IOS update every month that we have to avoid so we can keep our jailbreak? Very ignorant statement.
      He could have said this more elegantly. Allow me...

      In terms of security, it *seems* that Apple waits for hackers to find an exploit, make it public, and then patches it. Rarely, if every, have I seen iOS updates that claimed there were security patches within that were not done as a direct result of some backdoor some hacker, generally a jailbreak dev, has found. Granted, it is extremely difficult to really know what holes Apple has found through internal research and simply plugged before they made it to us, the end user.
    1. MooShoo's Avatar
      MooShoo - 2012-08-19, 01:33 AM
      Quote Originally Posted by sziklassy View Post
      He could have said this more elegantly. Allow me...

      In terms of security, it *seems* that Apple waits for hackers to find an exploit, make it public, and then patches it. Rarely, if every, have I seen iOS updates that claimed there were security patches within that were not done as a direct result of some backdoor some hacker, generally a jailbreak dev, has found. Granted, it is extremely difficult to really know what holes Apple has found through internal research and simply plugged before they made it to us, the end user.
      That is very true and well put. Couldn't agree more.
    1. iH85CH001's Avatar
      iH85CH001 - 2012-08-19, 04:43 AM
      Quote Originally Posted by mmaboi21 View Post
      Great advertisement for people wanting to jack my phone up.
      This is what i was thinking.

  • Connect With Us

  • Discord

    Join our Discord

  • Twitter Box

  • Facebook