Jailbroken iPhones Hit with Another Worm

News

Jeff Gamet

8:49 AM, Nov. 23rd ET, 2009

Articles by Author Jeff Gamet on Twitter Contact Author Bio

Comments (3)

Jailbroken iPhone owners are facing yet another potential security threat now that a new worm is users in the Netherlands. The new threat acts like a botnet and redirects ING online bank customers to a phishing site.

Like previous iPhone worms, this new threat works only on iPhones that have been hacked to support unauthorized third-party applications, have SSH installed, and are still using the default root password. The worm spreads between iPhones that are on the same Wi-Fi network, according to the security research firm F-Secure.

So far, the number of infected iPhones is estimated to be in the hundreds. "It's fairly isolated and specific to Netherlands but it is capable of spreading," said F-Secure research director Mikko Hypponen.

ING Bank is alerting its customers to the potential threat and is reminding them that the threat impacts only jailbroken iPhones.

The first iPhone worm to appear used a similar method to jump from iPhone to iPhone, and initially asked victims for €5. That worm was later changed to offer instructions on protecting jailbroken iPhones.

A second worm appeared shortly after, although it was far less dangerous because it only added a new locked screen graphic showing 80's pop star Rick Astley. A more dangerous worm appeared a few days later that could copy data off of a victim's iPhone.

Since the attacks all impact hacked iPhones, the safest defense is to not jailbreak your handset. For users with jailbroken iPhones, changing the root password should block the attacks as well.

[Thanks to the BBC for the heads up.]

Post A Comment or Log-in. Need an account? Register here.

3 Observer Comments

Jeff Gamet said on November 23rd, 2009 at 9:44 AM:

Keep in mind: This worm impacts only jailbroken iPhones. If you aren’t sure how to change your iPhone’s root password, you might not want to hack it.

daemon

said on November 23rd, 2009 at 11:32 AM:

If you aren’t sure how to change your iPhone’s root password, you might not want to hack it.

Because it’s so hard to use passwd while logged on as root?

DistortedLoop said on November 23rd, 2009 at 12:42 PM:

The “more dangerous worm” as you call it, links to a story about the iPhone/Privacy.A (so-called by Intego Antivirus) HACKER TOOL. This may be nitpicking, but iPhone/Privacy.A is not a worm (or virus) that spreads from iPhone to iPhone. It is a piece of software that is on Mac computers that allows someone to exploit the same vulnerability (open ssh server with default passwords) that the previous worm did, but it is not a worm. I think it’s safe to assume in most cases that iPhone/Privacy.A (is on someone’s Mac because they installed it there for their OWN nefarious purposes. An exception might be a bad guy who’s already somehow compromised your Mac for their own use.

Post A Comment or Log-in. Need an account? Register here.

Recent Headlines - Updated February 10th

Fri, 2:58 PM: Deal Brothers - iMac 27-inch 2.93GHz Intel Quad-Core i7 processor: $1,999
2:45 PM: In-Depth Review - Theodolite App for iOS is Breathtaking
12:52 PM: Apple Stock Watch - Mizuho Securities Starts Apple Coverage with $635 Target
11:35 AM: Hot Forum Topic - Forum Poll: Are You Planning on Buying a New iPad?
11:00 AM: Analysis - Competitors Size up Apple’s iBooks Author
10:23 AM: News - Apple Scores a Win in Motorola Patent Fight
9:10 AM: News - Apple Highlights Siri in Two New iPhone 4S Ads
8:42 AM: TMO Quick Tip - OS X Lion: Replacing the “Show/Hide” Button in Finder
Thu, 7:56 PM: News - Apple Store Graciously Receives Workers’ Rights Petitions
5:22 PM: News - Chinese Apple Fan Makes Awesome Mac Costume
5:12 PM: Mac Geek Gab Premium Podcast - MGG 380: Managing Your iTunes Library, iOS Time Zone, Syncing & More
3:52 PM: Apple Stock Watch - Canaccord: Apple Claims 80% of Q4 Mobile Handset Profits

The Mac Observer Reader Specials

TypeStyler 11 is now in the Mac App Store!! -- Special Introductory Price of $59.95!! -- To Buy From The Mac App Store Click Here Now!! Or buy direct from Strider Software.
Mac RAM Upgrades: MacBook Pro 16GB kits $475, 8GB Kits for $119.99! iMac 16GB RAM Kits (4x 4GB) for $229.99! Mac Pro Memory 32GB Kit for $399.99, 64GB Kit for $889.99! Mac Hard Drives 2TB Seagate SATA II for $249.99! Click Here!
If you're using a Mac, then you've gotta check out Online Poker Mac. This mac poker and online casino mac site actually does the unthinkable, it actually rewards!

Apple Stock Quote (AAPL)

Last trade: $---.-- $---.--
Market cap: $---.--
Discuss in our Apple Finance Board

Quotes are delayed. Currency in USD

Hot Topics

What's the buzz? These articles have TMO readers talking.

Air Force Might Replace Manuals with 18,000 iPads - 13 Comments
Simpler Apple Apps Shouldn’t be Simple-minded - 11 Comments
Canaccord: Apple Claims 80% of Q4 Mobile Handset Profits - 10 Comments
FBI Releases Steve Jobs Dossier: Driven & Deceptive - 9 Comments
Apple Store Graciously Receives Workers’ Rights Petitions - 7 Comments
Apple iPhone Tops in U.S., Global Smartphones for Q4 - 7 Comments

TMO Express

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday. Find out more!

Top Deals From DealBrothers.com

Recent Features

Get the latest installments of TMO Columns, Podcasts, & Blogs.

© The Mac Observer, Inc. -- All rights reserved. All information presented on this site is copyrighted by The Mac Observer, Inc. except where otherwise noted. No portion of this site may be copied without express written consent. Other sites are invited to link to any aspect of this site provided that all content is presented in its original form and is not placed within another frame. The Mac Observer is an independent publication and has not been authorized, sponsored, or otherwise approved by Apple, Inc.