New iOS 7 bug lets anyone make a call from your locked iPhone [VIDEO]

Graham Cluley

Emergency callApple has already been embarrassed in the last few days with one unpatched bug in iOS 7.0, which allows unauthorised users to bypass the lock screen and gain direct access to your private photos and some apps.

But now another unpleasant bug has been found, which lets anyone make a phone call from your locked iPhone running iOS 7.0.

As Forbes reports, it is possible to fairly easily exploit a vulnerability in iOS 7.0’s emergency call function to call *any* phone number.

27-year-old Karam Daoud, a Palestinian living in the West Bank city of Ramallah, demonstrates the flaw in action in the following video:

I tried Daoud’s technique for myself on an iPhone 5 – and sure enough, it works.

Here’s how you do it for yourself.

  • First get your hands on a locked iPhone running iOS 7.0
  • Rather than try to enter a PIN code, press the “Emergency” button as if you were going to call the Police.
  • Enter any number which you wish to call, and rapidly tap the call button. After a second or two, the screen will go black and an Apple logo appears. Your phone will dial the number.

If that all sounds a little complicated, it isn’t. But here’s a highly scientific diagram I have put together for the benefit of Apple’s developers with the help of some crayons.

How to call on a locked iPhone

In short, you may think your phone is locked – but anyone can make a call from it if they wish. And the call can be to premium rate and international numbers, of course. All being made at your expense.

It’s easy to imagine how pranksters might exploit such a feature, so make sure to keep your iPhone running iOS 7.0 safe and close until Apple fixes this bug.

Maybe they should have spent a little more time ensuring that security holes and bugs like this didn’t exist, rather than messing about adding bells and whistles…

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

2 Replies to “New iOS 7 bug lets anyone make a call from your locked iPhone [VIDEO]”

  1. I have regretfully installed the IOS7.0 and found my contacts list have been butchered! Many important contact names were lost!
    The interface is so inferior – that I wish I did not update. Can anyone advise how to go back to IOS 5?

    1. If you backed up your iPhone before you upgraded then you
      should be able to rollback back but are you sure you really want to
      do that? There is more to it than the way it looks; IOS5 is
      probably two years old now and most apps are made for IOS6/IOS7
      now…

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.