iPhone Hacked in 20 Seconds at Pwn2Own
Two European researchers have successfully hacked a fully patched iPhone and exfiltrated the device's entire SMS database in 20 seconds.
ZDNet reports that Vincenzo Iozzo and Ralf Philipp Weinmann exploited a previously unknown vulnerability and had the target iPhone visit a Web Site containing malicious code. It took Weinmann, a 32-year-old from the University of Luxembourg, collaborated and Iozzo, a 22-year-old Italian researcher from Zynamic, to find the vulnerability and write the exploit. Once they put everything in place, the hack took just 20 seconds.
"Basically, every page that the user visits on our [rigged] site will grab the SMS database and upload it to a server we control," Weinmann said, according to ZDNet.
Weinmann went on to say that in addition taking the SMS database, the exploit could have taken the phone's contact list (for both phone and email), photographs and iTunes files.
ZDNet cites Weinmann as saying there’s a non-root user called ‘mobile’ with certain user privileges in the iPhone Sandbox. "With this exploit, I can do anything that ‘mobile’ can do," he said.
Weinmann and Iozzo won $15,000 and got to keep the iPhone.
Stay on the Cutting Edge
Join the experts who read Tom's Hardware for the inside track on enthusiast PC tech news — and have for over 25 years. We'll send breaking news and in-depth reviews of CPUs, GPUs, AI, maker hardware and more straight to your inbox.
Modern web bloat means some pages load 21MB of data - entry-level phones can't run some simple web pages, and some sites are harder to render than PUBG
U.S. outlines five-year plan to harness CHIPS Act funds — R&D, manufacturing, education, and ecosystem highlighted for balanced funding
The Lenovo Legion Slim 5 OLED RTX 4060 gaming laptop is now only $1,049 at Best Buy
-
restatement3dofted jhansonxiWindows and security is like a fart and concrete.Reply
Microsoft has absolutely nothing to do with people successfully manipulating an iPhone - it is completely irrelevant. Go troll elsewhere. -
Jerky_san mikewong27all OS has security issues...Reply
Its just as he says.. every OS is made by man.. thus another man can find a flaw and exploit it. Thats just life.. But just like everything else if you build it well enough the cracks will be much harder to notice.. -
Misleading title at best. "Once they put everything in place, the hack took just 20 seconds." Like saying, once I built the car, it took 5 seconds for the engine to start when I turned the key. Ah, yeah, lol.Reply
-
Boxa786 I can understand the apple comment, but why the hatred for windows on an apple article? Dman made no reference in comparing apple vs windows, ROFL, apple fan ftl?Reply
Most Popular
By Aaron Klotz
By Anton Shilov
By Anton Shilov
By Anton Shilov
By Anton Shilov