Team that posted iPad email details finds new exploit, in Safari

Team that posted iPad email details finds new exploit, in Safari
Last week, AT&T confirmed that 114,067 iPad 3G owners had their email information leaked to the Web, with the data being stolen and exposed by a group called Goatse Security.

AT&T went as far as to call Goatse "malicious hackers" who attacked AT&T's servers, and the group is now under investigation by the FBI.



Today, the same group has exposed another security hole in the iPad, using the same ICC-IDs given out by using a script on the AT&T Website and determining the locations of iPad owners.

Additionally, the group says an unpatched Safari browser exploit will allow for targeted attacks on iPads. The exploit, reads DailyTech, "uses an integer overflow exploit, which gives access to proxy connections over banned ports, allowing all sorts of ill purposes including spewing spam and malware deliveries to locally networked machines."

Says Goatse of the new Safari exploit: "The potential for this sort of attack and the number of iPad users on the list we saw who were stewards of major public and commercial infrastructure necessitated our public disclosure. People in critical positions have a right to completely understand the scope of vulnerability immediately. Not days or weeks or months after potential intrusion."

Written by: Andre Yoskowitz @ 15 Jun 2010 17:13
Advertisement - News comments available below the ad
  • 4 comments

  • blueboy09

    HAHAHA! Don't say that I didn't tell you so. AT&T's network is embarrassing at best. Apple, what the hell were you thinking? Oh I forgot, they don't!! Whoops!!

    Life is about walking on thin ice, if you make too much drama, youll crack under pressure. - BLUEBOY

    15.6.2010 20:11 #1

  • biglo30

    LOL I'm glad I can't wait for some coder to start noticing the weakness in Mac OS as well and start hitting them hard so these fan boys wont have anything to say.

    15.6.2010 23:06 #2

  • KillerBug

    So it does not run anything...yet it still has security holes? There was a time when Apple was a good choice for someone who just wanted email and web browsing...but clearly Apple can't even get that right.

    16.6.2010 05:19 #3

  • biglo30

    Originally posted by KillerBug: So it does not run anything...yet it still has security holes? There was a time when Apple was a good choice for someone who just wanted email and web browsing...but clearly Apple can't even get that right. Yup a lot of people give apple praise because they think it is so more much secure than windows is. Its just like what the hacker Marc Maiffret said “Windows Is More Secure, Apple Community Is Ignorant” Its not because apple is so secure that it does have that much viruses its been the market is too small to waste time targeting them. Al thought sometimes I wish they would send some their way. I think Apple has noticed this with the pulling of their famous "pc vs mac" commercial.

    16.6.2010 09:32 #4

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud