Press "Enter" to skip to content

Vulnerable bug in the IOS camera that can lead to malicious site

Rohit Bhurtel 0

IOS 11 has been disclosed with vulnerability in the Camera app of the IPhone that can lead users to the malicious site without their idea with the help of the QR code.

The vulnerability affects Apple’s latest iOS 11 mobile operating system for iPhone, iPad, and iPod touch devices and resides in the built-in QR code reader.

With iOS 11, Apple introduced a new feature that gives users ability to automatically read QR codes using their iPhone’s native camera app without requiring any third-party QR code reader app.

You need to open the Camera app on your iPhone or iPad and point the device at a QR code. If the code contains any URL, it will give you a notification with the link address, asking you to tap to visit it in Safari browser.However, be careful — you may not be visiting the URL displayed to you, security researcher Roman Mueller discovered.

According to Mueller, the URL parser of built-in QR code reader for iOS camera app fails to detect the hostname in the URL, which allows attackers to manipulate the displayed URL in the notification, tricking users to visit malicious websites instead.

Vulnerable bug in the IOS camera that can lead to malicious site

For the demo, the researcher created a QR code (shown above) with the following URL:

https://xxx\@facebook.com:443@infosec.rm-it.de/

If you scan it with the iOS camera app, it will show following notification:

Open “facebook.com” in Safari

When you tap it to open the site, it will instead open:

https://infosec.rm-it.de/

I have tested the vulnerability, as shown in the screenshot above, on my iPhone X running iOS 11.2.6 and it worked.

QR (Quick Response) code is a quick and convenient way to share information, but the issue becomes particularly more dangerous when users rely on QR codes for making quick payments or opening banking websites, where they might end up giving their login credentials away to phishing websites.The researcher had already reported this flaw to Apple in December last year, but Apple hasn’t yet fixed the bug to the date.

Thanks for visiting !

Your Comments are highly appreciated !

%d bloggers like this:
Inline
Inline