Mar 11, 2011 09:50 GMT

Renowned Mac hacker Charlie Miller compromised the iPhone 4 during the second day of the Pwn2Own hacking contest using a drive-by download attack.

Miller collaborated on the exploit with Dion Blazakis, a colleague from Independent Security Evaluators, the company he works for.

The attack exploited a vulnerability in the iOS MobileSafari browser to steal the phone's address book.

Miller is known for his past achievements at Pwn2Own where he hacked into Mac OS X machines on three separate occasions using flaws in Safari.

The main problem with the contest is that the order in which researchers get to try out their attacks is randomly drawn in advance.

Since most participants come with tested exploits, it's highly unlikely for any target to withstand more than one or two attempts.

This year Charlie Miller ended up being fourth in line to take a stab at Safari, which gave him little to no chance of winning the big prize.

Also, this edition only had prizes for first place, as opposed to past ones where everyone with a working exploit was rewarded. This prompted the Mac hacker to criticize the organizers.

Miller's and Blazakis' exploit was executed against an iPhone 4 running iOS 4.2.1, not the 4.3 version released two days ago.

That's because the configuration of all devices was "frozen" two weeks prior to the contest in order to give researchers a fair chance and prevent vendors from issuing last-minute patches.

However, Miller did admit the address space layout randomization (ASLR) technology implemented in the new iOS 4.3 would have broken his exploit.

"If you update your iPhone today, the vulnerability is still there, but the exploit won’t work. I’d have to bypass DEP and ASLR for this exploit to work," the researcher told ZDNet.

In related news, the BlackBerry OS was also hacked at Pwn2Own, but no one took aim at Android or Windows 7 Mobile.