A feature made to offer users more convenience has in turn made their mobile devices vulnerable to strangers who want them to place calls to premium numbers, said security researcher Andrei Neculaesei in a blog post, after an experiment with apps on iPhones.
Apple’s iOS lets users make calls through apps by tapping a phone number, without having to exit the application or grant the app any permission to do so, so that calls can be placed quickly. A tapped phone number is a Uniform Resource Identifier (URI) using the tel: scheme, and iOS hands it to the Phone app to place the call.
The URI scheme tells the system which handler to open in such situations. When an email address is tapped, for example, the system looks up the handler for that scheme and opens the email application, without requiring the user to leave their current web page or application to start composing the message.
Neculaesei tested the function with JavaScript that triggers a call to a number. He created a web page containing that script and, when a user visited it, a call was triggered automatically without the user being asked for permission.
Neculaesei noted that app developers should have been careful enough to make their apps resistant to such attacks. He said that the apps can be tweaked to ask the user for permission before going ahead with calling the number. He reportedly tested it only with big-name apps such as Facebook Messenger and Google+, but said that other apps could have the same kind of vulnerability too.
The same vulnerability can be used to make FaceTime calls too, which would also let the attacker capture a screenshot of the user’s face to steal their identity.
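The fix Neculaesei describes, an app prompting before it hands a tel: or facetime: link off to the Phone or FaceTime app, can be implemented in an in-app browser with a WebKit navigation delegate. The following is an added illustration, not code from the article or from any of the apps named; the class name and alert wording are my own, and it assumes an iOS app that renders untrusted web content in a WKWebView.

```swift
import UIKit
import WebKit

// Added example (not from the article): an in-app web view that never
// dials on its own. Any navigation to a call scheme, whether from a tapped
// link or from page script, is cancelled and shown to the user first.
final class SafeWebViewController: UIViewController, WKNavigationDelegate {
    // URI schemes that hand off to the Phone or FaceTime app.
    private let callSchemes: Set<String> = ["tel", "telprompt", "facetime", "facetime-audio"]

    private lazy var webView: WKWebView = {
        let view = WKWebView(frame: .zero)
        view.navigationDelegate = self
        return view
    }()

    override func loadView() { view = webView }

    func webView(_ webView: WKWebView,
                 decidePolicyFor navigationAction: WKNavigationAction,
                 decisionHandler: @escaping (WKNavigationActionPolicy) -> Void) {
        guard let url = navigationAction.request.url,
              let scheme = url.scheme?.lowercased(),
              callSchemes.contains(scheme) else {
            decisionHandler(.allow)          // ordinary page navigation
            return
        }
        // Stop the web view from handing the call off by itself.
        decisionHandler(.cancel)

        // .linkActivated means the user tapped a link; anything else (e.g. a
        // script-driven location change) is the auto-dial case the researcher
        // demonstrated, so say so in the prompt.
        let origin = navigationAction.navigationType == .linkActivated
            ? "A link on this page" : "A script on this page"
        let target = url.absoluteString.dropFirst(scheme.count + 1)
        let alert = UIAlertController(
            title: "Place a call?",
            message: "\(origin) wants to call \(target).",
            preferredStyle: .alert)
        alert.addAction(UIAlertAction(title: "Cancel", style: .cancel))
        alert.addAction(UIAlertAction(title: "Call", style: .default) { _ in
            UIApplication.shared.open(url)   // only after explicit consent
        })
        present(alert, animated: true)
    }
}
```

The same interception applies to links opened from chat messages or other app content: route every call scheme through one consent prompt rather than passing the URL straight to `UIApplication.shared.open`.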