A vulnerability has been discovered in iOS that makes the iPhone place calls to arbitrary numbers

Researcher Collin Mulliner has found a vulnerability in iOS that makes a victim's iPhone call a phone number of the attacker's choosing. The flaw is tied to the behaviour of the WebView component.

The expert decided to study this problem after a recent case in Arizona, in which a teenager accidentally published on his Twitter a link to a page with a JavaScript exploit, causing a flood of phone calls to the 911 emergency service.

This problem was first discovered back in 2008 in the Safari browser, Xakep notes, and was fixed with the release of iOS 3.0. According to Mulliner, the new variation of the vulnerability works in the same way as the earlier one, but it affects apps such as Twitter, LinkedIn, Facebook, Pocket and others.

The problem arises from the way the WebView framework handles links to phone numbers embedded in web pages, that is, TEL URIs of the form tel:<phone number>. When the user taps such a link, the WebView automatically places a call to the specified number. The trouble is that if an attacker lures the victim to a page that uses a meta-refresh to reload with a new URL pointing to a TEL URI, the phone will automatically dial the specified number without any tap on a link.

Worse, after opening such a link the user cannot even cancel the call, because at that moment the OS opens another app and the UI “hangs”. Moreover, the researcher implemented the launch of that second application in the simplest possible way: it is enough to present the victim with a URL that forces the OS to launch another app.
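The fix belongs in the app that embeds the WebView. As an added example, not code from the article or from any of the apps it names, here is a WKWebView navigation delegate (the class and method names below are illustrative assumptions) that refuses tel: navigations which were not initiated by a user tap, such as a meta-refresh, and asks for confirmation before placing a call even when the user did tap a link.

```swift
import UIKit
import WebKit

/// Hosts a WKWebView and vets every navigation before it leaves the app.
final class GuardedWebViewController: UIViewController, WKNavigationDelegate {
    private var webView: WKWebView!

    override func viewDidLoad() {
        super.viewDidLoad()
        webView = WKWebView(frame: view.bounds)
        webView.navigationDelegate = self
        view.addSubview(webView)
    }

    func webView(_ webView: WKWebView,
                 decidePolicyFor navigationAction: WKNavigationAction,
                 decisionHandler: @escaping (WKNavigationActionPolicy) -> Void) {
        guard let url = navigationAction.request.url else {
            decisionHandler(.cancel)
            return
        }
        let scheme = url.scheme?.lowercased() ?? ""

        if scheme == "tel" {
            // A meta-refresh or script-driven redirect arrives as .other;
            // only an explicit tap on a link (.linkActivated) may start a call,
            // and even then the user is asked first.
            if navigationAction.navigationType == .linkActivated {
                confirmCall(url)
            }
            decisionHandler(.cancel)   // never let WebKit dial on its own
            return
        }

        // Refuse to hand off to any other app from inside the WebView,
        // which is what lets the call run with the UI frozen.
        let allowedSchemes: Set<String> = ["http", "https", "about"]
        decisionHandler(allowedSchemes.contains(scheme) ? .allow : .cancel)
    }

    /// Shows the number and lets the user cancel before the Phone app opens.
    private func confirmCall(_ url: URL) {
        let number = String(url.absoluteString.dropFirst("tel:".count))
        let alert = UIAlertController(title: "Call \(number)?", message: nil, preferredStyle: .alert)
        alert.addAction(UIAlertAction(title: "Cancel", style: .cancel))
        alert.addAction(UIAlertAction(title: "Call", style: .default) { _ in
            UIApplication.shared.open(url)
        })
        present(alert, animated: true)
    }
}
```

Because the decision handler cancels every tel: navigation and the call is only started from the alert's "Call" action, a page cannot dial without the user seeing the number first.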

The researcher was able to reproduce the attack on Twitter and LinkedIn, but he is convinced that the flaw affects many other applications.

Clifton Nichols
