Jailbroken iPhones Hit with Another Worm

November 23rd, 2009 at 8:49 AM - News by Jeff Gamet

Jailbroken iPhone owners are facing yet another potential security threat now that a new worm is users in the Netherlands. The new threat acts like a botnet and redirects ING online bank customers to a phishing site.

Like previous iPhone worms, this new threat works only on iPhones that have been hacked to support unauthorized third-party applications, have SSH installed, and are still using the default root password. The worm spreads between iPhones that are on the same Wi-Fi network, according to the security research firm F-Secure.

So far, the number of infected iPhones is estimated to be in the hundreds. "It's fairly isolated and specific to Netherlands but it is capable of spreading," said F-Secure research director Mikko Hypponen.

ING Bank is alerting its customers to the potential threat and is reminding them that the threat impacts only jailbroken iPhones.

The first iPhone worm to appear used a similar method to jump from iPhone to iPhone, and initially asked victims for €5. That worm was later changed to offer instructions on protecting jailbroken iPhones.

A second worm appeared shortly after, although it was far less dangerous because it only added a new locked screen graphic showing 80's pop star Rick Astley. A more dangerous worm appeared a few days later that could copy data off of a victim's iPhone.

Since the attacks all impact hacked iPhones, the safest defense is to not jailbreak your handset. For users with jailbroken iPhones, changing the root password should block the attacks as well.

[Thanks to the BBC for the heads up.]

3 Observer Comments

Jeff Gamet said on November 23rd, 2009 at 9:44 AM:

Keep in mind: This worm impacts only jailbroken iPhones. If you aren’t sure how to change your iPhone’s root password, you might not want to hack it.

daemon said on November 23rd, 2009 at 11:32 AM:

If you aren’t sure how to change your iPhone’s root password, you might not want to hack it.

Because it’s so hard to use passwd while logged on as root?

DistortedLoop said on November 23rd, 2009 at 12:42 PM:

The “more dangerous worm” as you call it, links to a story about the iPhone/Privacy.A (so-called by Intego Antivirus) HACKER TOOL. This may be nitpicking, but iPhone/Privacy.A is not a worm (or virus) that spreads from iPhone to iPhone. It is a piece of software that is on Mac computers that allows someone to exploit the same vulnerability (open ssh server with default passwords) that the previous worm did, but it is not a worm. I think it’s safe to assume in most cases that iPhone/Privacy.A (is on someone’s Mac because they installed it there for their OWN nefarious purposes. An exception might be a bad guy who’s already somehow compromised your Mac for their own use.

Page 1 of 1 pages

Commenting is not available in this section entry.

Recent Headlines - Updated March 19th

Thu, 5:24 PM: Product News - Apple Releases Logic Pro 9.1.1 Update
5:11 PM: iPad - Apple, Amazon in Last-Minute Wrangling Ahead of iPad’s Launch
3:39 PM: Games - Macgamestore to Bring Ubisoft’s Settlers 7 to Mac Next Week
2:47 PM: iPad - UK Import Service Temporarily Halts iPad Orders Because of Volume
2:30 PM: iPhone - China Mobile Eyes iPad, 3G iPhone
1:40 PM: News - Apple Patents Miniature Projector Technology
12:39 PM: News - Apple Director Jerome York Passes Away After Suffering Aneurysm
12:38 PM: iPad - Rupert Murdoch: ‘All Media is Going Into the iPad’
11:35 AM: News - Apple Highlights New In-store Youth Workshops
11:00 AM: Product News - STM Adds New Colors to Laptop, iPad Glove Lineup
10:42 AM: Dave Hamilton's Blog - SXSW Music Festival Survival Guide
9:54 AM: Product News - CheckUp 2.6 Improves Core i5, i7 Support

The Mac Observer Reader Specials

TypeStyler For Mac OS X is Now Shipping! Download The Free Fully Functional 60 Day Tryout at www.typestyler.com
Mac Memory and Hard Drives: MacBook Pro Memory 8GB kits $349.99! iMac Memory 4GB DDR Kits for $109.99! Mac Pro Memory 4GB Kits for $135.99! Mac Hard Drives 1.5TB Seagate SATA II for $147.99! Click Here!
CarMD Handheld Device & Mac/PC Software System saves you time and money on car maintenance and repair. Buy at www.CarMD.com! Save $10 with code TMO2.
If you're using a Mac, then you've gotta check out Full Tilt Poker for Mac. This Full Tilt Poker bonus code does the unthinkable, it actually rewards!
For the latest Apple products use Ciao, a price comparison website, to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate mobile phones like the Apple iPhone.