Feeds

iOS 6.x hack allows personal data export, free calls

Find phone, press buttons in weird sequence, invade privacy, call anyone

Internet Security Threat Report 2014

Hackers can access iPhones running iOS 6.x without passcodes, and will then be able to access and export the address book, send emails and make phone calls.

Jailbreak Nation has discovered the method for doing so and The Reg can confirm the method works after a sequence of swipes and key presses. It worked for us on an iPhone 5 running iOS 6.02, not just iOS 6.1 as Jailbreak Nation suggests.

Once the phone has been hacked in the method described in the video below, we were able to access an iPhone 5's address book, view all details of the contacts listed therein and make calls to them. The Contacts app offers the chance to “Message” contacts by SMS or email and a chance to “Share Contact”, which results in a contact's details being added to an outgoing email as a .VCF file.

This method could therefore be used to acquire a copy of all contacts stored on an iPhone, and to run up a colossal phone bill on the device.

In our test the iPhone's Home button became inert after the hacking procedure was applied, making it impossible to access other apps, so Apple will be spared the blushes that would have come with hackers finding stray iPhones and resetting progress in Angry Birds.

With iOS 6.1 proving to be a buggy mess, news of this latest hole won't make for a happy Friday down Cupertino way. Or weekend, if Mr Cook of Cupertino decides a patch has to be delivered ASAP. ®

Watch Video

Internet Security Threat Report 2014

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.