Hacker Warning: Don’t Load PDF Files From Your iPhone
August 3, 2010
(ChattahBox)—A malicious code embedded in the font of PDF files can completely take over your iPhone, as well as iPads and iPod Touches. Once hackers gain access to your device they an cause all sorts of havoc, including deleting critical files, installing a keylogger and reprogramming your calls to connect to different phone numbers, such as calling 911 or a sex hotline.
The PDF bug affects all iOS devices running version 3.1.2 and higher.
Gizmodo has the details:
“It just requires the user to visit a web address using Safari. The web site can automatically load a simple PDF document, which contains a font that hides a special program. When your iOS device tries to display the PDF file, that font causes something called stack overflow, a technical condition that allows the secret ninja code inside the font to gain complete control of your device.”
There is no fix from Apple, as yet to correct the PDF vulnerability, so for now, avoid PDF downloads and redirects to PDF links.
Gizmodo also recommends a jailbreak program, dubbed “PDF Loading Warner” that would require authorization, before a PDF file is automatically downloaded by Safari.