Malicious E-mail could Hack your Network by just Opening It

Simply opening a specially crafted e-mail on a Mac, iPhone or iPad could allow a remote attacker to hack your network, according to security specialist Bogdan Calin.

In the video above Calin shows a feature that Apple products have enabled by default that a hacker could manipulate to gain access to your computer’s IP address. With this information, a script can be written that automatically attacks your router’s DNS settings. Doing so would allow a hacker to control what websites that you see when you are surfing the internet.

All from an imbedded script hidden in an innocent looking e-mail:

“I got the idea for these tests after I noticed that Apple devices load remote images in emails by default. This can cause privacy issues and it is not a recommended practice. A malicious user can send you an email with an embedded 1×1 pixel image with the background colour of your email client, so it is not visible. The email client will load this image from a remote server and by doing so, it discloses your IP address and email client banner, and possible your identity. In some situations, such behaviour can have catastrophic consequences.”

The attack works by inserting several DNS change commands with default router usernames and passwords inside the e-mail. These are executed silently when the e-mail is read. If the included username and password matches your router, it could change your DNS settings.

These settings tell your computer where to go to find correct internet addresses for website names. If these settings were set to a malicious server, the hacker could send you to a bogus page that looks like a real one, but could harvest your credentials or account information.

The author recommends changing the “download remote image” Mail settings on Apple products to off or changing your router password to something complex. Using a long complex router password is always good advice.