Apple's IOS 6 Security Flaw Could Let Scammers Send False Texts
Apple's upcoming iPhone 5 is expected to launch simultaneously with a revamp of the iPhone's mobile operating system, iOS6. However, a small tech blog points out that a vulnerability in the new operating system might allow hackers to send text messages from false numbers.
The iOS blogger Pod2g explains the technical aspects of the hack. According to the jailbreaking blog, hackers could theoretically change the data on a text message to an iPhone, making the user think the SMS is from a friend when scammers are on the other end of the line.
"In the text payload, a section called UDH (User Data Header) is optional but defines lot of advanced features not all mobiles are compatible with," Pod2g writes. "One of these options enables the user to change the reply address of the text. If the destination mobile is compatible with it, and if the receiver tries to answer to the text, he will not respond to the original number, but to the specified one."
"Most carriers don't check this part of the message, which means one can write whatever he wants in this section: a special number like 911, or the number of somebody else."
Essentially, hackers can trick your phone into thinking that a text message is coming from the number of a trusted friend or financial institution, when in reality, the text is coming from malicious pirates.
What is the worst that could happen if pirates begin exploding this hack? According to Pod2g, "pirates could send a message that seems to come from the bank of the receiver asking for some private information, or inviting them to go to a dedicated website."
Pod2g writes that the problem is not unique to the iPhone 5 and iOS, but that Apple engineers have not closed the loophole as of iOS 6's public beta.
The blog also mentions that the hack can be used to manipulate people or send incriminating information while using the fake text as false evidence.
So, as a public service announcement, if your mother suddenly starts asking for financial information over text message, it's best to be wary.
© Copyright IBTimes 2024. All rights reserved.