Joost Pol and Daan Keuper, of Certified Secure, exploited a WebKit vulnerability to launch a drive-by-download to hijack the address book, photos, videos, and browsing history from a fully patched iPhone 4S, ZDNet reported on Wednesday. The pair demonstrated their attack at the Mobile Pwn2Own competition in Amsterdam, the Netherlands.

View the original article here

Share |