The vulnerability of iPhone connected with calls on paid numbers

is found

The vulnerability of iPhone connected with calls on paid numbers

Detection of these or those vulnerabilities of any smartphone – only time business. How founders of smartphones argued that their children are impregnable for hackers, all this is very far from the truth. The gap found recently in safety of iPhone – to one more volume the proof.

Hackers already repeatedly proved that on iCloud servers it is possible to crack iPhone and the account easily. As employees of safety in a subsoil of Apple try to resist to hacker groups – always will be one-two more way to bypass all ban and blocking.

This time the portal of PC World published important information on serious vulnerability of smartphones of Apple which potentially can strike noticeably on a purse of their owners. And this vulnerability ridiculously simply works: hackers can place the harmful reference on one of sites in the Network, by pressing on which in the browser your smartphone instantly will start to call according to certain telephone number. If not to manage to react and not to dump a call – it is possible to fly for rather big sum, after all number as you understand, paid.

Vulnerability was found by Andrey Nekulaesi – the employee of the Airtame company which is engaged in development of strimingovy technologies. In spite of the fact that in most cases the Safari browser offers the user a choice: to call or not to call according to number specified on page, some foreign appendices like Facebook Messenger or Google + bypass this important step and immediately start to dial number.

Considering that it is possible to send the harmful reference in the form of the usual message – the chance is great that the user will really pass on it and will grow poor on a quantity of money, even that without suspecting.

«Andrey found a way by means of which malefactors are capable to bypass a ban of iOS on commission of calls without notice the user. He created the web page containing a certain JavaScript-code which immediately transfers the user from the reference to a call to paid number», – journalists of PC World tell to the readers.

It became clear that, besides Facebook Messenger and Google +, the given vulnerability Gmail and FaceTime suffer also. The author investigated only a few large appendices on vulnerability existence. Even if Google and Apple did not provide this problem what then to speak about small studios, whose appendices also can lead to calls on premiumny telephone number.

Here is how the harmless code of the reference looks, by pressing on which will jump out алерт, reporting that you can make a call on number "0000" but only if it want.

The vulnerability of iPhone connected with calls on paid numbers

And here the code which bypasses any notices so looks and at once starts to dial to specified number "0000".

The vulnerability of iPhone connected with calls on paid numbers

While neither Google, nor Apple did not react to this opening. But we will hope that founders of iOS and Android will note this vulnerability to themselves and will patch this gap in future versions of the operating systems. For now be simply more careful, when pass according to references from people unfamiliar to you and at visit of sites to which do not trust.