Second iPhone virus found, again targets jailbroken iPhones
Earlier this week, an Australian coder by the name of Ikee wrote an interesting iPhone worm targeting users with jailbroken iPhones — specifically those users who had not RTFM and changed their root password. The worm was programmed to scan the 3G IP ranges of the Telus, Optus, and Vodafone networks in Australia. Once a vulnerable iPhone was found, the exploit would change the wallpaper of said device to…Rick Astley. Respect.

In an interview, Ikee explains that his worm was designed as more of a warning shot than an attempt to compromise user data. Ikee had hoped users would be motivated to change their root password, which is set to “alpine” by default post-jailbreak, after seeing the consequences of a compromised root password.

Fast forward to today, and a new anonymous coder has modified Ikee’s worm, and this new variant has less of that public service announcement feel to it. The modified strain, dubbed “iPhone/Privacy.A” by the online security firm Intego, is programmed to act silently and retrieve e-mail messages, SMS messages, calendar appointments, contacts, photos, music files, and videos, along with any other data recorded by your iPhone apps. Currently, details on where the worm is uploading the farmed data are scarce, and the threat of being infected is low.

What’s our recommendation? If you have a jailbroken iPhone, change the root password. Maybe this is why Apple’s looking to secure their incredibly insecure mobile operating system…




It doesn’t matter what the details are…jailbreaking, installing software, not changing default password. Sure, you know what this issue is and I know what the issue is, but the droves of simple-minded iPhone users will see this as the iPhone getting hacked. Bad publicity for Apple.
I know this is about the iPhone, but some might be interested in reading about an exploit called phonesnoop for BlackBerry devices. That app allows for remote snooping on a BlackBerry (allows the attacker to call your phone and it silently answers it, and puts it into speakerphone mode so the attacker can listen in on what’s going on).
It’s serious enough that US-CERT issued a warning….
http://www.us-cert.gov/current/archive/2009/11/10/archive.html#blackberry_phonesnoop_application_used_to
Yes, a person has to grant physical access to the attacker to install the app, but as it’s merely a proof of concept, new strains might be buried in other apps in the future.
It would be funny if these viruses were made by Apple… I mean why is it only going after jailbroken iPhones (which I’m guessing is a small minority compared to the iPhone population) and not the iPhones that people don’t mess with?
I would not be surprised. They are so proprietary, I won’t own Apple anything. Apple broke jailbroken phones about a year ago.
Just DON’T install SSH as a service.
If you have jailbroken your iPhone, you are NOT automatically at risk! ONLY if you went the extra step and installed SSH are you at risk.
If you jailbreak and install SSH, I assume you can edit the ssh_config? If so, you could even change the default port it runs on. I know that’s hardly security, but it’d be another step for the “hacker” to have to take. How much of OS X is included on the iPhone? I’d almost like to have one I could jailbreak to tinker with.
How much of Linux is included within Android? If that’s what makes up the OS. I haven’t read up on it. If that’s the case, the DROID and Android might be fun to play with, too.
So I guess worms can infect Android too, right? They say “Droid does”, so I guess it’s true!
No, that would be:
iPhone no longer has the virus invulnerability, Droid does.
Or something like that o_O
DROID
I thought Macs and Apple did not get viruses? lol
Telus in Australia? You wouldn’t be referring to Telstra, perhaps?
1) SSH is not installed by default on jailbroken iPhones. It is user installed so not every jailbroken device is affected. If you don’t even know what SSH is, you probably didn’t even install it.
2) Changing the root password is not necessary. If you have SBSettings, enable the SSH toggle and toggle off SSH when you’re not using it.