A bug in some iPhone apps, allows you to make calls without confirmation
According to a new report by a developer named Andrei Neculaesei, iPhone users should be very careful when opening messages received that contain a phone number, since a call could be made automatically, something that, depending on the phone number, could be expensive.
Developer Andrei Neculaesei discovers a security flaw in third-party iPhone apps
As we already know, on the iPhone phone numbers are usually shown as links. This is possible thanks to the use of a uniform resource identifier scheme, also known as URI, which is called "tel" and when executed activates a call.
Now, the developer has stated that there is a huge risk in how some of the mobile applications manage phone numbers. In fact, you have noticed that some of these apps are used in the code some tools that allow a call to be made automatically to the phone number that is included in the message without the need for confirmation from the user.
The problem arises mainly from the use of certain development codes that do not require confirmation of making a call, as Safari does, when you click on a phone number in third-party applications, such as the app Facebook Messenger This could cause malicious people to "force" users to make calls to payment numbers, which could be very expensive.
Google and Facebook are the main affected by this bug
Among some of the many third-party applications that are "affected" by this bug or bug, we can find the one already mentioned Facebook Messenger, the Gmail app for iOS and even Google+, but of course, these are quite recognized third-party apps and it is not known that many other applications, not so recognized, may have this same "problem."
One of the measures that Apple could take on this bug is, theoretically, to make an intervention on all those applications that include this malicious code and that remove them from the App Store, however, the developers of these applications are expected to take action in this regard, especially those of large companies with as many users as they can be Facebook and Google, and that work on vulnerabilities that put the security of users at risk.
In any case and being aware of such a problem, you need to be careful when opening messages of doubtful origin in third-party apps, especially if they contain phone numbers since they could lead us to make unwanted calls.