Wednesday, February 27, 2013

iPhones - Vulnerability Gives Hackers Access to Locked



Think your iPhone 5 is safe and secure with your password lock set up nicely? A new vulnerability has been discovered which could allow hackers to bypass password locks and gain access to users' personal information.
Iphone-locked
First detected by Vulnerability Lab in a Full Disclosure report and further detailed on Kaspersky Labs' Threatpost blog, hackers can get around the iPhone's lock screen by using the Emergency Call function. The workaround gives the user access to contact lists, voicemails and photos.
"The exploit involves manipulating the phone’s screenshot function, its emergency call function and its power button," Threatpost.com writes. "Users can make an emergency call (911 for example) on the phone and then cancel it while toggling the power on and off to get temporary access to the phone."
From there, a hacker can attach a USB cord to the smartphone and access data on the phone via a computer. The exploit works on iPhone 5 devices running iOS 6.1 software.
"The vulnerability allows the local attacker to bypass the code lock in iTunes and via USB when a black screen bug occurs," the Full Disclosure report notes. "Successful exploitation of the vulnerability results in unauthorized device access and information disclosure."
Apple has not yet responded to a request for comment.
For a deeper look at how the exploit works, check out the video below. The first part of the video demonstrates a vulnerability detected earlier this month.

No comments:

Post a Comment