Publicizing an iPhone SMS spoofing issue in a Friday blog post, an independent security researcher in France has pointed to a text-based iOS glitch, which enables scammers to spoof their identifies and project that text messages are coming from a legitimate source.
Asking Apple to fix the iPhone spoofing problem in its forthcoming ‘iOS 6’ version, the hacker - known as “pod2g” - said in the blog post that he feels that the flaw is a “severe” one, even though it does not involve code execution. The hacker also said that he believes the mentioned vulnerability affects some of the other available handsets also.
According to “pod2g”, “spoofed” messages can be sent by malicious users who can seemingly show their identities as someone else; thereby fooling the message-recipients to believe that the SMS messages have been sent by a friend or trusted source.
In his blog post, “pod2g” has also elaborated that the handling of SMS messages iOS apparently supports the transmission of some optional, advanced features - including a "reply to" address - in the User Data Header of SMS Specifications.
Noting that the iPhone SMS spoofing issue affects all the versions of iOS, including the latest developer beta – the fourth one - of the upcoming iOS 6, “pod2g” urged in the blog post: "Apple: please fix this before the final (iOS 6) release.”