“iPhone owners should be wary of a feature that is available through the built-in Safari browser of Apple’s new device because it could allow attackers to hack in to the phone and gain control of calls, according to a security alert,” Stan Beer reports for iTWire.
“The alert from security firm SPI Labs advises users to avoid a feature of iPhones that allows a user to dial any phone number displayed on a web page simply by tapping the number. According to SPI Labs, the feature can be exploited to redirect and track phone calls, as well as placing calls without knowledge of the user. Hackers could also cause mischief that makes the iPhone unusable until it is turned off,” Beer reports.
Full article here.
Robert McMillan reports for IDG News Service, “The feature was created to give iPhone users a simple way to dial phone numbers listed on Web pages, but according to SPI, the feature could be misused.”
“Attackers could exploit a bug in this feature to trick a victim into making phone calls to expensive “900” numbers or even keep track of phone calls made by the victim over the Web, said Billy Hoffman, lead researcher with SPI Labs. The iPhone could even be stopped from dialing out, or set to dial out endlessly, he said,” McMillan reports.
“SPI is not releasing detailed information on how the Web dialing feature could be exploited, but the company contacted Apple on July 6 and is working with the iPhone maker to prevent these types of attacks, Hoffman said,” McMillan reports.
Full article here.