SPI Labs security researchers have warned iPhone users not to use a special feature that lets the iPhone's Safari browser call phone numbers over the Web.
This feature is intended to provide iPhone users with an easy way to dial phone numbers displayed on Web pages, but it may be abused, according to SPI.
A flaw in this feature allows hackers to trick users into making expensive "900" calls, or even to track users' Web calls, says Hoffmann, chief researcher at SPI Labs.
He said that the iPhone could even be prevented from making calls, or set to keep making calls. Any iPhone user could be attacked, because hackers can launch attacks through a website.
To successfully launch an attack, hackers must trick users into accessing a malicious website or send malicious information to the iPhone. Hoffmann said that as long as someone can control the content sent to the iPhone, the possibility of attacks exists.
Hoffmann said that SPI did not disclose details about how the Web dialing feature could be used to launch attacks, but that it had been in contact with Apple on July 6 and was working with Apple to prevent such attacks.
Apple is encouraging software developers to develop Web applications for the iPhone, so Safari has received special attention from iPhone hackers.
Researchers had previously pointed out that Safari can be used to call phone numbers by mistake, but the Hoffmann report shows that doing so is much easier than previously thought.