A Swiss iPhone developer has unveiled a new application that is capable of harvesting huge amounts of personal data from iPhones, including geolocation data, passwords, address book entries and email accounts information, images, Safari Browsing history, youtube, keyboard logger, etc. all this using just the public API exposed by Apple’s SDK.
In order for this application, SpyPhone, to work, it does not need any exploits or any jailbreaking/firmware modification attacks in order to access the iPhone’s data. Instead, SpyPhone relies on using the iPhone’s usability and depth of features to its advantage. Once an application is on an iPhone, it has unrestricted access to the large amount of the data and settings available on the device.
Seriot, the application developer, has posted the source code for SpyPhone online and gave a talk detail document on iPhone Privacy at a security conference, earlier this week.
Seriot said: Once on the iPhone, the application begins looking at the stored data that’s available in various other programs, such as the email address book and the keyboard cache, which keeps a record of every keystroke the user enters in a non-password field. This data normally is used for the iPhone’s autocomplete feature, but can be a gold mine of information for an attacker searching for intelligence on the iPhone’s owner. By default, the iPhone will tag any photos taken with the device with the date and location of the pitcure. The user can turn this feature off, but if it’s enabled, SpyPhone can access that data, as well as the log of which WiFi hotspots the device has connected to. All of this gives the attacker a better picture of the iPhone’s owner, his location and his interests, which is valuable data.
The Worst Part: SpyPhone is more like a Trojan sitting in your OS silently and stealing data. All of the SpyPhone’s operations are executed in the background, without the knowledge of the iPhone’s owner, and just like any other Trojan, the application can be set to email reports on each infected phone back to the attacker.
Seriot mentions in his presentation that “Spywares are on the iPhone AppStore” And when this kind of app makes it to AppStore, it becomes a serious issue; who knows if “one of those spyware apps” already has SpyPhone-alike features.
No doubt, Apple has taken utmost efforts to keep strict control over what applications make it to the Appstore (their rejections are the proof), but despite their effort, exposing a lot of core of the Operating system has leaded them to misery.
Share your thoughts and read more at Tarranfx