Pod2g, the hacker behind the famous Absinthe jailbreak, has announced that he has discovered a security flaw in iOS that allows SMS spoofing.
According to Pod2g, the flaw has been present in iOS SMS handling since the first iPhone and is still there in iOS 6 beta 4. Apple has not yet patched the flaw, which Pod2g deems severe.
In a blog post, Pod2g details how SMS works on a smartphone and then explains the SMS spoofing flaw in iOS:
In the text payload, a section called UDH (User Data Header) is optional but defines a lot of advanced features not all mobiles are compatible with. One of these options enables the user to change the reply address of the text. If the destination mobile is compatible with it, and if the receiver tries to answer to the text, he will not respond to the original number, but to the specified one. Most carriers don’t check this part of the message, which means one can write whatever he wants in this section: a special number like 911, or the number of somebody else.
In a good implementation of this feature, the receiver would see the original phone number and the reply-to one. On iPhone, when you see the message, it seems to come from the reply-to number, and you lose track of the origin.
Pod2g also discusses scenarios in which this iOS SMS spoofing flaw can be dangerous:
- Pirates could send a message that seems to come from the bank of the receiver asking for some private information, or inviting them to go to a dedicated website. [Phishing]
- One could send a spoofed message to your device and use it as false evidence.
- Anything you can imagine that could be utilized to manipulate people, letting them trust somebody or some organization texted them.
In the end, Pod2g warns iPhone users never to trust an SMS on their iPhone at first sight. Let’s hope Apple fixes this SMS spoofing flaw in the final iOS 6 release, which is expected to reach the public in September. iOS 6 is claimed to bring 200+ new features.