A security researcher and hacker iOS exposed a flaw present in all versions of the mobile system Apple released today, including new test version of iOS 6. The bug would allow the theft of personal data of any user to answer an SMS alert or an automated voice mail with sensitive information.
The flaw takes advantage of a protocol called PDU, which deals with sending and receiving various messages on mobile devices, including automatic. Through the protocol, you can access the header of the message text, and as the recipient of the iOS automatic messages are hidden, the number to which the message should be sent could be modified by hackers without the knowledge of the sender. If the content of SMS have any personal or confidential information, it could easily be diverted.
Apple has not yet ruled on the matter, but there is no immediate danger, because companies and financial institutions, for example, never ask for sensitive information via text messages, which could be diverted.
Still, the risk exists. The fact is that this failure is already present in the system of the company for five years, and has not yet been exploited on a scale large enough to cause problems, but it’s good for Apple to open the eye.