Two European researchers have successfully hacked a fully patched iPhone and exfiltrated the device's entire SMS database in 20 seconds.
ZDNet reports that Vincenzo Iozzo and Ralf Philipp Weinmann exploited a previously unknown vulnerability and had the target iPhone visit a Web Site containing malicious code. It took Weinmann, a 32-year-old from the University of Luxembourg, collaborated and Iozzo, a 22-year-old Italian researcher from Zynamic, to find the vulnerability and write the exploit. Once they put everything in place, the hack took just 20 seconds.
"Basically, every page that the user visits on our [rigged] site will grab the SMS database and upload it to a server we control," Weinmann said, according to ZDNet.
Weinmann went on to say that in addition taking the SMS database, the exploit could have taken the phone's contact list (for both phone and email), photographs and iTunes files.
ZDNet cites Weinmann as saying there’s a non-root user called ‘mobile’ with certain user privileges in the iPhone Sandbox. "With this exploit, I can do anything that ‘mobile’ can do," he said.
Weinmann and Iozzo won $15,000 and got to keep the iPhone.