Apple device exploit opens internal networks to attack, researcher claims
Security researcher Bogdan Calin said he could remotely compromise the internal networks of users with default or weak router passwords by convincing them to open an email on their iPhone, iPad or Mac.
"Opening a legitimate looking email on an iPhone, iPad or Mac while using an Asus router with a default or guessable password could compromise the security of your internal network," he wrote in a blog.
Calin explained that once the user opened the email from the Apple (NASDAQ: AAPL) device, he could gain access to the network and change the DNS servers used by the router to an IP address under his control. His blog includes a video showing the attack vector.
"I got the idea for these tests after I noticed that Apple devices load remote images in emails by default. This can cause privacy issues and it is not a recommended practice," he wrote.
"A malicious user can send you an email with an embedded 1x1 pixel image with the background color of your email client, so it is not visible. The email client will load this image from a remote server and by doing so, it discloses your IP address and email client banner, and possible your identity. In some situations, such behavior can have catastrophic consequences," Calin cautioned.
Such a vulnerability could cause a security nightmare for an enterprise that allows its employees to bring their own devices to work, particularly since many of those are iOS devices. The researcher recommends that strong passwords be set on routers.
- read Calin's blog