A serious vulnerability has been found in iOS
Makradar Technologies / December 19, 2019
Charlie Miller, a computer security researcher and analyst, plans to demonstrate a vulnerability he discovered that allows ordinary applications from the App Store to download and execute code that was not originally part of them on any iOS device.
Miller has long been concerned with the security of Apple products. In 2008 he received a $10,000 prize at Pwn2Own for creating an exploit for the MacBook Air. The following year, he demonstrated a ten-second hack of the Safari browser and iPhone vulnerabilities associated with the transmission of short messages. This time, Charlie created Instastock, a seemingly normal application that performs monitoring functions. Instastock successfully passed App Store review. However, after a while Miller posted a video on YouTube in which the application does not behave as stated in its description. After Apple found out about the application and the video, Instastock was removed from the App Store, and Miller himself was expelled from the iOS Developer Program.
When launched, the application behaves as described, but after Miller activates the "hidden" functionality on his server, which somehow has access to the application, Instastock starts downloading and executing code that was not originally part of it. According to the App Store rules, applications can only execute code approved by Apple. However, the application Miller wrote makes it possible to remotely turn on vibration, open a video on YouTube, and even upload the address book from the device. The video also demonstrates the ability to run a number of different commands on the iPhone remotely through a command-line interface.
Apparently, this kind of hack was made possible by the fact that the Nitro JavaScript engine, introduced in iOS 4.3, provides some exceptions for the Safari browser in order to accelerate page rendering. According to Miller, "Apple uses all its checks only to make sure that only the browser uses this exception, but in this case it is possible to get around and not worry about the code used generally".
Instastock has been removed from the App Store. Most likely, Apple will include a fix for the vulnerability in the iOS 5.0.1 update, which is already at beta 2 and contains a security patch.
[via MacStories]