A French iOS security researcher and jailbreak hacker known as pod2g has uncovered a security flaw that makes the iPhone susceptible to text message spoofing.
According to pod2g's iOS blog, the flaw has existed in the iPhone ever since its release in 2007 and continues to exist in the latest iOS 6 beta 4. "Apple: please fix before the final release," says pod2g on its blog.
"Found a heavy SMS flaw in iOS. Doesn't involve code execution but still severe," says pod2g's tweet.
According to pod2g, the flaw could allow malicious users to spoof text messages making the receiver think that the message has come from a trusted party.
Generally, an SMS text is made up of bytes of data exchanged among two devices; the specific carrier helps in transferring the information. The text is converted into Protocol Description Unit (PDU) and then moved to baseband for delivery.
In the text payload, the User Data Header (UDH) contains several advanced features, while not all devices are compatible. One of the features will reportedly allow the user to modify the "reply address of the text". In case the receiver's device is compatible and if he/she wishes to respond to the text then he/she will respond to the original number, instead of the specified number.
Not all carriers check this part of the message that will result in changing the number. "In a good implementation of this feature, the receiver would see the original phone number and the reply-to one. On iPhone, when you see the message, it seems to come from the reply-to number, and you lose track of the origin," writes pod2g.
pod2g notes some major examples in regard to the security issue:
- Pirates might send a message which looks as if coming from a bank, asking the receiver to give his/her confidential information or may direct him to a dedicated website.
- A malicious user might send a spoofed message to a recipient's device in order to create false evidence.
"Now you are alerted. Never trust any SMS you receive on your iPhone at first sight," pod2g concludes.