New Malware Allows Hackers to Access Personal Information on Jailbroken iPhones

Security firm Intego reports that it has spotted new malware, termed iPhone/Privacy.A, that is capable of allowing hackers to access personal information stored on certain jailbroken iPhones and iPod touches. Non-jailbroken iPhones are not vulnerable to the malware.

While full details of the tool are not disclosed, it is reported to utilize the same method as the "Rickrolling" worm deployed in Australia late last week, suggesting that the new malware would only affect jailbroken iPhones and iPod touches whose users have installed SSH for remote access capabilities and failed to change the default password. It is unclear to what extent the tool has been seen in the wild, although Intego currently categorizes the risk of the malware as "low".

When connecting to a jailbroken iPhone, this tool allows a hacker to silently copy a treasure trove of user data from a compromised iPhone: e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app. Unlike the ikee worm, which signals its presence by changing the iPhone's wallpaper, this hacker tool gives no indication that it has invaded an iPhone.

Intego notes that the tool works by being installed onto a computer and then scanning the computer's network to find vulnerable iPhones.

This hacker tool could easily be installed, for example, on a computer on display in a retail store, which could then scan all iPhones that pass within the reach of its network. Or, a hacker could sit in an Internet café and let his computer scan all iPhones that come within the range of the wifi network in search of data. Hackers could even install this tool on their own iPhones, and use it to scan for jailbroken phones as they go about their daily business.

While antivirus software can protect computers from serving as hosts for the malicious software, Intego also notes that because no software is installed on the iPhone or iPod touch during the process, no external protection for users who are vulnerable to the malware can be deployed. Vulnerable users must change their default SSH passwords in order to thwart access attempts.

Top Rated Comments

29 months ago
Wow... that's bad.
Rating: 0 Positives / 0 Negatives
29 months ago
Great, will be bad reputation for Apple again, since the yellow press will leave away the piece of information that it only affects jailbroken iPhones.
Rating: 0 Positives / 0 Negatives
29 months ago
And it's really Apple, trying to get people to not Jailbreak :p.
Rating: 0 Positives / 0 Negatives
29 months ago
The same method yet again. *yawn* ;)
Rating: 0 Positives / 0 Negatives
29 months ago
That's some nasty business right there.

If you must jailbreak, change your passwords people.
Rating: 0 Positives / 0 Negatives
29 months ago
Install SSHD, don't change your root password, get pwned.

How is this news exactly? This is like complaining that someone stole your car after you left it running in the parking lot with a "FREE CAR" sign on it. Any competent user that uses SSH on a new box knows that the first thing you do is change the default root password. Mildly paranoid users do the smart thing and disallow root login via SSH entirely, relying on sudo -i.
Rating: 0 Positives / 0 Negatives
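
The comment above mentions disallowing root login over SSH. As an added example (not from the article, Intego, or any commenter), the Python below reads the text of an sshd_config and reports whether root can still log in with a password. The fallback defaults and the sample configs are assumptions constructed for illustration.

```python
# Assumed fallbacks when a keyword is absent; older OpenSSH builds defaulted
# PermitRootLogin to "yes". Adjust for the build being audited.
DEFAULTS = {"permitrootlogin": "yes", "passwordauthentication": "yes"}

def effective_settings(config_text, defaults=DEFAULTS):
    """Return (settings, has_match) for the global section of an sshd_config.

    sshd uses the first value it sees for a keyword, so later duplicates are
    ignored. Parsing stops at the first Match block; has_match tells the
    reviewer that conditional overrides exist and need a manual look.
    """
    found, has_match = {}, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank line or comment
        tokens = line.replace("=", " ", 1).split()
        if not tokens:
            continue
        keyword = tokens[0].lower()       # keywords are case-insensitive
        if keyword == "match":
            has_match = True
            break
        if keyword in defaults and len(tokens) > 1:
            found.setdefault(keyword, tokens[1].strip('"').lower())
    return {**defaults, **found}, has_match

def root_password_login_allowed(config_text, defaults=DEFAULTS):
    """True when root may authenticate with a password in the global section.

    Only PermitRootLogin "yes" permits password logins for root; values such
    as "no", "without-password" or "prohibit-password" do not.
    Keyboard-interactive authentication is not evaluated here.
    """
    eff, _ = effective_settings(config_text, defaults)
    return eff["permitrootlogin"] == "yes" and eff["passwordauthentication"] == "yes"

# Constructed samples, not taken from any real device.
SAMPLE_UNTOUCHED = "# sshd installed, nothing changed\nPort 22\n#PermitRootLogin yes\n"
SAMPLE_HARDENED = "PermitRootLogin no\nPasswordAuthentication yes\nPermitRootLogin yes\n"
SAMPLE_KEYS_ONLY = "permitrootlogin=without-password\nMatch User mobile\n"

if __name__ == "__main__":
    for name, text in [("untouched", SAMPLE_UNTOUCHED),
                       ("hardened", SAMPLE_HARDENED),
                       ("keys-only", SAMPLE_KEYS_ONLY)]:
        print(name, "-> root password login allowed:", root_password_login_allowed(text))
```
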
29 months ago
This isn't really a groundbreaking thing. Install SSH, leave Default Password, get Pwned. Pretty straightforward to me.
Rating: 0 Positives / 0 Negatives
29 months ago
No offense, but why is the "news" here always a day late?

Anyway, this is kind of common sense people. It's like many software installations that provide a default password; when you install a wireless router in your home, do you keep that default admin password? If you do, I feel for you and for the future of your gene recipients.
Rating: 0 Positives / 0 Negatives
29 months ago

This is like complaining that someone stole your car after you left it running in the parking lot with a "FREE CAR" sign on it.


In fairness, while I knew about the default "alpine" password many, many moons ago, and I don't have SSH installed on my iPhone anyway, I've not seen too many people with "free car" signs on their cars, and yet these exploits on the iPhone do actually seem to be attracting targets. So you can conclude that many jailbreak users are idiots. Fine. But the fact remains that there are vulnerable people out there....
Rating: 0 Positives / 0 Negatives
29 months ago

No offense, but why is the "news" here always a day late?

Anyway, this is kind of common sense people. It's like many software installations that provide a default password; when you install a wireless router in your home, do you keep that default admin password? If you do, I feel for you and for the future of your gene recipients.


This just in: all phones with SSH and default password can be hacked by ANYONE in the world who has limited SSH knowledge.
Rating: 0 Positives / 0 Negatives