In mid-August, a hacker had discovered an SMS spoofing flaw in Apple‘s iOS 6 Beta. That spoofing problem was first brought to light by security researcher pod2g, who noted that this flaw was still present in all versions of iOS up to and including the latest iOS 6 beta 4. It could facilitate hackers to access your personal information. The flaw involves a malicious party spoofing the “reply” to number.
The flaw takes advantage of a feature in the PDU (Protocol Description Unit) which handles the sending and receiving of various types of messages in mobile devices. While all devices are capable of receiving these messages, it enables a malicious sender to fake his identity, appearing as if they were sent from another number. The researcher also further stated that “this could be used to impersonate your bank or charge you and most carriers don’t check this part of the message, which means one can type whatever he wants in this section: a special number like 911, or the number of somebody else.”
Yesterday, Apple has reportedly fixed the serious bug which allowed senders to spoof messages in iOS 6. The news comes via a tweet from jailbreaker Joshua Hill (@p0sixninja), who also noted that the latest version of the mobile operating system includes an “insane number of security fixes.” With iOS 6, Apple has reportedly corrected the flaw, no longer allowing SMS spoofing to trick iPhone users into thinking they are receiving a message from a known party.