iPhone vulnerable to hacker attacks: researchers
2009-07-30

Category Identity Theft Nations U.S. City Las Vegas States Nevada Category Regions County Clark County Company AT&T Electronics iPhone Source (Reuters)

LAS VEGAS (Reuters) - Security experts have uncovered flaws in Apple Inc's iPhone that they said hackers can exploit to take control of the popular device, using the tactic for identity theft and other crimes.

iPhone users needed to be warned that their devices were not entirely secure and Apple should try to repair the vulnerability as soon as possible, they said at the Black Hat conference in Las Vegas, one of the world's top forums for exchanging information on computer security threats.

"It's scary. I don't want people taking over my iPhone," Charlie Miller, a security analyst with consulting firm Independent Security Evaluators, said in an interview.

Miller and Collin Mulliner, a Ph.D. student at the Technical University of Berlin, also discovered a method for hacking the iPhone that lets hackers easily knock a victim's iPhone off a carrier's network.

It prevents users from making calls, accessing the Internet and exchanging text messages, they added.

They said the information they presented at Black Hat will give criminals enough information to develop software to break into iPhones within about two weeks.

They said they warned Apple of the flaw in the middle of July, but that the company has yet to fix it.

About 4,000 security professionals were in attendance, including some who are really hackers. While experts ferret out software flaws to fix them and protect users, hackers use the same information to devise pranks or commit crimes.

It is not illegal to disclose ways to hack into computer systems, though it is against the law to use it to break into them.

When asked why they would hand over such information to criminals, they said they felt it was necessary to alert the public that iPhones were just as vulnerable to attack as personal computers.

"If we don't talk about it, somebody is going to do it silently. The bad guys are going to do it no matter what," Mulliner said.

They have successfully tested the hacks on iPhones running on networks of four carriers in Germany along with AT&T Inc in the United States. They said they believed the methods will work with iPhone carriers around the world.

Apple officials could not immediately be reached for comment.

(Reporting by Jim Finkle; Additional reporting by Gabriel Madway; Editing by Richard Chang)