Jailbroken iPhones Hit with Another Worm
November 23rd, 2009 at 8:49 AM - News by Jeff Gamet
Jailbroken iPhone owners are facing yet another potential security threat now that a new worm is users in the Netherlands. The new threat acts like a botnet and redirects ING online bank customers to a phishing site.
Like previous iPhone worms, this new threat works only on iPhones that have been hacked to support unauthorized third-party applications, have SSH installed, and are still using the default root password. The worm spreads between iPhones that are on the same Wi-Fi network, according to the security research firm F-Secure.
So far, the number of infected iPhones is estimated to be in the hundreds. "It's fairly isolated and specific to Netherlands but it is capable of spreading," said F-Secure research director Mikko Hypponen.
ING Bank is alerting its customers to the potential threat and is reminding them that the threat impacts only jailbroken iPhones.
The first iPhone worm to appear used a similar method to jump from iPhone to iPhone, and initially asked victims for €5. That worm was later changed to offer instructions on protecting jailbroken iPhones.
A second worm appeared shortly after, although it was far less dangerous because it only added a new locked screen graphic showing 80's pop star Rick Astley. A more dangerous worm appeared a few days later that could copy data off of a victim's iPhone.
Since the attacks all impact hacked iPhones, the safest defense is to not jailbreak your handset. For users with jailbroken iPhones, changing the root password should block the attacks as well.
[Thanks to the BBC for the heads up.]
3 Observer Comments
If you aren’t sure how to change your iPhone’s root password, you might not want to hack it.
Because it’s so hard to use passwd while logged on as root?
The “more dangerous worm” as you call it, links to a story about the iPhone/Privacy.A (so-called by Intego Antivirus) HACKER TOOL. This may be nitpicking, but iPhone/Privacy.A is not a worm (or virus) that spreads from iPhone to iPhone. It is a piece of software that is on Mac computers that allows someone to exploit the same vulnerability (open ssh server with default passwords) that the previous worm did, but it is not a worm. I think it’s safe to assume in most cases that iPhone/Privacy.A (is on someone’s Mac because they installed it there for their OWN nefarious purposes. An exception might be a bad guy who’s already somehow compromised your Mac for their own use.
Recent Headlines - Updated February 9th
- Tue, 8:00 AM
- TMO Appearances - TMO’s Bryan Chaffin and the Atomic Love Bombs Perform During Macworld Expo
- Mon, 5:37 PM
- News - Juniper Readies Software to Improve Cell Carrier Networks
- 5:17 PM
- Macworld Expo - Macworld Expo 2010 Hess Party List Goes Online
- 4:11 PM
- News - Survey: iPad Announcement Increased Awareness, Fails to Convert New Buyers
- 3:30 PM
- TMO Appearances - Dave Hamilton Keeps Your Mac Lean and Clean at Macworld Expo
- 1:10 PM
- TMO Appearances - Mac Geek Gab Live Recording at Macworld Expo
- 12:39 PM
- Deal Brothers - Western Digital 750GB My Passport Essential SE Portable Hard Drive: $129
- 11:46 AM
- Product News - nova media Intros FoneSync for LG Handsets
- 11:15 AM
- News - Pwnage Tool 3.1.5 Adds iPhone OS 3.1.3 Support
- 10:35 AM
- News - Mobily Adding iPhone Tethering Support in February
- 10:00 AM
- Hot Forum Topic - Apple, Google and the Evolution of the Smartphone Market
- 9:30 AM
- Monday's Mac Gadget - Want to Secure Your Data Across Platforms? Check out TrueCrypt!
The Mac Observer Reader Specials
- TypeStyler For Mac OS X is Now Shipping! Download The Free Fully Functional 60 Day Tryout at www.typestyler.com
RamJet Memory: Mac Pro 8GB Kit $275.99, Mac Pro 4GB Kits $145.99! Sale on MacBook and MacBook Pro 8GB kits $459.99! MacBook, MacBook Pro, iMac Mac mini 4GB Kits for $113.99! 1TB SATA Hard Drives for $109.99! Click here- If you own a car, you need CarMD! Catch problems, estimate repairs and more. Now for Mac. $98.99 at www.CarMD.com Save $10 with code TMO1.
If you're using a Mac, then you've gotta check out Full Tilt Poker for Mac. This Full Tilt Poker bonus code does the unthinkable, it actually rewards!For the latest Apple products use Ciao, a price comparison website, to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate mobile phones like the Apple iPhone.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
J&R ComputerWorld’s Weekend Sale - Sitewide Unbelievable Deals
Refurbished 13” MacBook Air 1.86GHz Intel Core 2 Duo: $1249.00 Delivered
Refurbished iMac 24-inch 2.93GHz Intel Core 2 Duo: $1279.00 Delivered
2nd Gen. Refurbished 16GB iPod touch: $199.00 Delivered - Tons of Refurb iPod Deals!
