Security experts at the Black Hat conference said Thursday that hackers can break into an iPhone to intercept text messages, deliver spam and deliver malware.
Charlie Miller, Independent Security Evaluators researcher, and Collin Mulliner, a Ph.D. student at the University of Berlin, demonstrated during a Black Hat presentation that hackers can break into an iPhone via the SMS protocol to launch a denial-of-service (DOS) attack or take control of a victim's phone.
"Its lots of fun to kick friends off the network, but it's even more fun to own their phone," Miller said, who demonstrated the exploits on both the iPhone and Android.
The hack is enabled by memory issues in the way the iPhone handles the SMS protocol, Miller said. Miller demonstrated Thursday that the attack can be used to launch a DOS attack, which could be used to shut off an iPhone, deface text or otherwise reconfigure the keys.
The DOS hack is launched by flooding the iPhone with hundreds of SMS control messages, which allows hackers to keep their victims off the network indefinitely.
A similar SMS hack can be conducted on the Google Android and the Windows Mobile platforms.
"Basically what happens, you send a bad SMS, you can't use your phone," Miller said. "Literally the phone is working, you just can't press any of the buttons."
And unlike previous types of mobile attacks, which required a hacker to entice users to open a malicious Web site, iPhone users could become infected with no intervention.
These kinds of attacks will likely be used to send spam, researchers said. "It could be used in a spam game," said Mikko Hypponen, chief research officer for Finland-based F-Secure. "SMS is cheap but it's not free."
Unless you hack into someone's phone, that is. One of the biggest impediments to launching spam campaigns via SMS is that it costs money to send a text. However, hackers who can break into a victim's phone can launch an attack that could send out millions of spam text messages free of charge.
Miller, however, found a way to test the SMS exploit while incurring minimal costs. "We paid for 100, and we got the effects of half a million," he said.
Perhaps even more menacing, researchers said, is the possibility of launching a malware attack via SMS. An attack could be used to distribute malware once the hacker is able to penetrate the victim's phone, which would spread to everyone on the victim's contact list. Mobile Trojans could be used to steal information or make the mobile phone into a remote spying device, Hypponen said.