iPhones make calls without telling you

Apple’s iOS is vulnerable to web-based attacks that force third-party apps to make phone calls and carry out other sensitive operations without first warning the user, a security researcher has warned.

Researcher Nitesh Dhanjani shows here how the planting of a simple iframe on a webpage can force the Safari browser to open Skype and dial a phone number or send a message to another Skype user. As long as Skype is installed and it stores the victim’s account password, the attack will work with no warning, he wrote.

Websites could use similar techniques to force a variety of third-party iOS apps, some of which are listed here, to also carry out potentially unwanted actions without first warning the user, Dhanjani warned.

(Full article)

Advertisements
Explore posts in the same categories: mactards

%d bloggers like this: