Got a tip for us? Share it...
RSS

First iPhone Trojan?

Thursday January 10, 2008 9:00 am PST by longofest
Earlier this week, a third party package named "iPhone firmware 1.1.3 prep" became available via Installer.app. ModMyiPhone.com was first to identify it as malicious, and F-Secure later confirmed the low-risk threat.

The trojan installation package contains false application installation information that causes legitimate third party applications to be removed if the trojan is uninstalled from the iPhone.


The package was quickly removed from distribution after identification of malicious characteristics. Additionally, F-Secure states that the author was an "11-year-old kid playing with XML files." F-Secure warns that a more experienced coder could have done more damage.

Security will be one of the top concerns of Apple's upcoming SDK, as Steve Jobs had alluded to Nokia's system of digitally signing applications.

Nokia, for example, is not allowing any applications to be loaded onto some of their newest phones unless they have a digital signature that can be traced back to a known developer. While this makes such a phone less than "totally open," we believe it is a step in the right direction. We are working on an advanced system which will offer developers broad access to natively program the iPhones amazing software platform while at the same time protecting users from malicious programs.

[ 31 comments ]

Top Rated Comments

(View all)

Avatar
MarkMS
Posted: 54 months ago
Just saw this and wanted to let you all know.

Here is a quick excerpt from ModMyiFone. Just want people to know before they mess up their iPhone. I can't test this out, since I don't "hack" my iPhone, but I think this is why Apple wants the security measures before they release the SDK in Feb. This is how one bad person can ruin an experience.

It has come to my attention that the people responsible for the JMCO source jmwiki.com have internially created a malicious source with the sole intention of mucking up people's iPhones.

This source adds an app in installer that pretends to be an update of erica's utilities. The app appears in installer as 113 prep.

Once installed all this app does is it says "shoes." When uninstalled this app removes a lot of files from the /bin directory on the iphone, breaking valid apps like sendfile and other erica utilities.

ModMyiFone recommends that you DO NOT install 113 prep. We further recommend that you abandon the use of the JMCO source and remove it from your installer app.

It is a shame to see that people in our community are set on causing problems for others, their actions are not admirable.

Help us get out the word to everyone as quickly as possible and Digg This

Rating: 0 Positives / 0 Negatives
Avatar
ascham87
Posted: 54 months ago
I am surprised it took this long for something like this to happen. This is why I long for an official SDK, but with the amount of apps that Installer.app has..sigh...only in a perfect world I guess :(
Rating: 0 Positives / 0 Negatives
Avatar
jav6454
Posted: 54 months ago

Just saw this and wanted to let you all know.

Here is a quick excerpt from ModMyiFone. Just want people to know before they mess up their iPhone. I can't test this out, since I don't "hack" my iPhone, but I think this is why Apple wants the security measures before they release the SDK in Feb. This is how one bad person can ruin an experience.


And to think it was all caused by an 11 year-old boy. *sigh* The world ain't the one when 11 year olds watched for porn instead of ruinning people's devices. *sarcasm*
Rating: 0 Positives / 0 Negatives
Avatar
1rottenapple
Posted: 54 months ago
Is modmyifone working again? When I go there, it still reports that it can't find the server.
Rating: 0 Positives / 0 Negatives
Avatar
Consultant
Posted: 54 months ago
Thanks for the heads up.

Well, a classic case of trojan. But in this day and age, most people should be smart enough not to install something unless it's confirmed by the community.

Whoever responsible should be put in jail, preferably in the same cell as OJ.
Rating: 0 Positives / 0 Negatives
Avatar
xUKHCx
Posted: 54 months ago
Good old social engineering at play here.

It is up on Macworld site now as well.
Rating: 0 Positives / 0 Negatives
Avatar
pacohaas
Posted: 54 months ago

I am surprised it took this long for something like this to happen. This is why I long for an official SDK, but with the amount of apps that Installer.app has..sigh...only in a perfect world I guess :(

an SDK doesn't necessarily mean a limited number of "approved" apps. Look at all the stuff apple has approved for their webapps directory.
Rating: 0 Positives / 0 Negatives
Avatar
Eraserhead
Posted: 54 months ago

an SDK doesn't necessarily mean a limited number of "approved" apps. Look at all the stuff apple has approved for their webapps directory.


I think the iPhone will only support applications from the directory, ala the Apple webapps directory.
Rating: 0 Positives / 0 Negatives
Avatar
pacohaas
Posted: 54 months ago
yeah, and look how much crap is on there, but (hopefully) no malicious software. I'm just saying, it doesn't seem to take much for apple to "approve" something for the iPhone.
Rating: 0 Positives / 0 Negatives
Avatar
Metatron
Posted: 53 months ago
Great...11 year old hackers. I don't know any 11 year old that can "play" with XML files, build a package, and then properly submit it.
Rating: 0 Positives / 0 Negatives

[ Read All Comments ]