New Malicious Worm Affects Jailbroken iPhones in Netherlands [Updated x2]
It is specifically targeting people in the Netherlands who are using their iPhones for internet banking with Dutch online bank ING. It redirects the bank's customers to a lookalike site with a log-in screen.
F-Secure estimates the number of affected phones to be only in the "hundreds" at this point, though it could theoretically spread. The worm appears to exploit the same users as the harmless Australian worm which displayed a photograph of popsinger Rick Astley. A second worm operating using the same mechanism was found just days later to be capable of accessing personal information. Only individuals who had specifically jailbroken their iPhones, installed SSH and not changed the default password seem to have the potential to be affected.This particular worm, however, is potentially far more serious as according to F-Secure it also "enables the phone to be accessed or controlled remotely without the permission of its owner."
Update: Additional information from Intego reveals that the worm also steals personal data as well as opens the iPhone up to further access/control.
When active on an iPhone, the iBotnet worm changes the root password for the device, in order to prevent users from later changing that password themselves. It then connects to a server in Lithuania, from which it downloads new files and data, and to which it sends data recovered from the infected iPhone. The worm sends both network information about the iPhone and SMSs to the remote server. It is capable of downloading data, including executables that it uses to run and carry out its actions, as well as new files, providing botnet capabilities to infected devices
Update 2: The Loop reports that Apple has issued a brief statement regarding the latest threat:"The worm affects only a very specific set of iPhone users who have jail broken their iPhones and hacked it with unauthorized software," Apple spokesperson, Natalie Harrison, told The Loop. "As we've said before, the vast majority of customers do not jailbreak their iPhones, and for good reason. These hacks not only violate the warranty, they will also cause the iPhone to become unstable and not work reliably."
Top Rated Comments
(View all)
http://news.bbc.co.uk/1/hi/technology/8373739.stm
This one looks a looks a bit nasty!
ok so you jailbreak your phone do the ssh thing automaticly get installed or is it something that the jailbreaker can install on is device?
ok so you jailbreak your phone do the ssh thing automaticly get installed or is it something that the jailbreaker can install on is device?
you choose whether to install it or not...
even if you have it installed, u can remove it via Cydia..
if you do install, and use SSH, then obviously change the default password :)
"Users who have installed SSH and not changed the password are especially at risk"
Surely they are the only ones at risk??
Actually that didn't sound like sensationalization to me, and in the case of people who haven't done the obvious and changed the password perhaps it should be embiggened to some degree.
well yes, or simply a report written for those who are effected, namely jail broken iphone users, as i would imagine the majority of people just don't care.
(embiggened, lol, are you referencing The Simpsons or string theory.)
I would not put it past Steve Jobs to have a small team that writes these worms.
This is slightly putting me off of getting the iPhone, but if its only jailbroken iPhones. Clearly apples security is good its just when people illegally jailbreak them that the security fails.
If they can get to a phone outside the AT&T network they can get to the same phones inside the AT&T network, me thinks this worm has originated from inside of Apple.
This one is only due to owners not changing the default pass word. That tells me it could also effect the other iPhones on the AT&T network, and lends credibility that Apple may very well be behind this.
Who else would spend the time to go after such a small user base as jailbreak iPhones.
Makes you wonder!
[ Read All Comments ]
One of the most frequent reasons for an iPhone to go on a trip to the Apple Store's Genius Bar is because of water damage. Typically, a water damaged iPhone can be replaced for a flat $199...
TheVerge's Joshua Topolsky summarizes the iPad 3 casing findings reported earlier today, but also adds his own sources regarding some details of the iPad 3.
Image from RepairLabs
As...
Last July, Apple discontinued the white MacBook from its consumer lineup, pushing consumers toward the company's popular MacBook Air line or the 13-inch MacBook Pro. The company didn't kill...
Popular iPhone Twitter client Tweetbot has finally arrived on the iPad, with a user interface instantly familiar to any current Tweetbot user. Designed for the Twitter power-user, Tweetbot packs a...
Last month, we noted that Apple had signed a pair of leases for over 300,000 square feet of space in Sunnyvale, the company's first venture into the city next door to its home in Cupertino,...
