Posted by ipodrohan
Ralf Philipp Weinmann, of the University of Luxembourg, and security researcher Vincenzo Iozzo, of German company Zynamics, successfully exploited (hacked) the non-jailbroken iPhone via Safari and their payload was able to steal the content of the iPhone SMS database in annual Pwn2Own contest at the CanSecWest security conference held in Vancouver.
While the exploit was carried out just to steal the contents of the SMS data and deleting the text messages from iPhone. But, other exploits could be programmed to access contacts, photos, and other data on the iPhone, and without the knowledge of the user about an attack.
iPhone was made to visit a Web site which was hosting exploit code written by Weinmann and Iozzo in about two weeks to bypass the digital code signatures used by Apple in iPhone. They took less than 10 minutes to hack the iPhone 3GS running iPhone OS 3.1.3. Both the iPhone hackers shared $15,000 in prize money.