iPhone Worms Get Mean, Steal Data

Rickrolling iPhones with a worm seemed bad enough, but now it appears that a more malicious attack is making the rounds in the jailbroken iPhone community. The new worm, dubbed iPhone/Privacy.A, can hop onto jailbroken iPhones and download the handset's data.

The security research company Intego is calling the security risk low because it requires iPhone owners to jailbreak their smartphone and to leave the default root password unchanged. Attackers also need to run an application on their computer to sniff out jailbroken iPhones on the same network.

"When connecting to a jailbroken iPhone, this tool allows a hacker to silently copy a treasure trove of user data from a compromised iPhone: e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app," Intego said in a security report. "Unlike the ikee worm, which signals its presence by changing the iPhone's wallpaper, this hacker tool gives no indication that it has invaded an iPhone."

iPhone/Privacy.A isn't the first threat to crop up that targets jailbroken iPhones. The ikee worm surfaced a few days ago in Australia, but instead of stealing user data it installs a new wallpaper image of 80's pop singer Rick Astley. A few days before that, jailbroken iPhone owners in the Netherlands started seeing a message appear on their screens from a hacker wanting €5.

Only iPhones that have been jailbroken, or hacked to allow the installation of third-party apps that aren't available through Apple's App Store, are susceptible to the attack, and only if the default root password hasn't been changed. Since the attack relies on the default root password, which is the same on all iPhones, users that do jailbreak their handsets should change the default SSH password to avoid the worm.

"We would like to stress that users who jailbreak their iPhones are exposing themselves to known vulnerabilities that are being exploited by code that is circulating in the wild," Intego said. "While the number of iPhones attacked may be minimal, the amount of personal data that can be compromised strongly suggests that iPhone users should stick with their stock configuration and not jailbreak their devices."