New Malicious Worm Affects Jailbroken iPhones in Netherlands [Updated x2]
It is specifically targeting people in the Netherlands who are using their iPhones for internet banking with Dutch online bank ING. It redirects the bank's customers to a lookalike site with a log-in screen.
F-Secure estimates the number of affected phones to be only in the "hundreds" at this point, though it could theoretically spread. The worm appears to exploit the same users as the harmless Australian worm which displayed a photograph of popsinger Rick Astley. A second worm operating using the same mechanism was found just days later to be capable of accessing personal information. Only individuals who had specifically jailbroken their iPhones, installed SSH and not changed the default password seem to have the potential to be affected.This particular worm, however, is potentially far more serious as according to F-Secure it also "enables the phone to be accessed or controlled remotely without the permission of its owner."
Update: Additional information from Intego reveals that the worm also steals personal data as well as opens the iPhone up to further access/control.
When active on an iPhone, the iBotnet worm changes the root password for the device, in order to prevent users from later changing that password themselves. It then connects to a server in Lithuania, from which it downloads new files and data, and to which it sends data recovered from the infected iPhone. The worm sends both network information about the iPhone and SMSs to the remote server. It is capable of downloading data, including executables that it uses to run and carry out its actions, as well as new files, providing botnet capabilities to infected devices
Update 2: The Loop reports that Apple has issued a brief statement regarding the latest threat:"The worm affects only a very specific set of iPhone users who have jail broken their iPhones and hacked it with unauthorized software," Apple spokesperson, Natalie Harrison, told The Loop. "As we've said before, the vast majority of customers do not jailbreak their iPhones, and for good reason. These hacks not only violate the warranty, they will also cause the iPhone to become unstable and not work reliably."
Top Rated Comments
(View all)
http://news.bbc.co.uk/1/hi/technology/8373739.stm
This one looks a looks a bit nasty!
ok so you jailbreak your phone do the ssh thing automaticly get installed or is it something that the jailbreaker can install on is device?
ok so you jailbreak your phone do the ssh thing automaticly get installed or is it something that the jailbreaker can install on is device?
you choose whether to install it or not...
even if you have it installed, u can remove it via Cydia..
if you do install, and use SSH, then obviously change the default password :)
"Users who have installed SSH and not changed the password are especially at risk"
Surely they are the only ones at risk??
Actually that didn't sound like sensationalization to me, and in the case of people who haven't done the obvious and changed the password perhaps it should be embiggened to some degree.
well yes, or simply a report written for those who are effected, namely jail broken iphone users, as i would imagine the majority of people just don't care.
(embiggened, lol, are you referencing The Simpsons or string theory.)
I would not put it past Steve Jobs to have a small team that writes these worms.
This is slightly putting me off of getting the iPhone, but if its only jailbroken iPhones. Clearly apples security is good its just when people illegally jailbreak them that the security fails.
If they can get to a phone outside the AT&T network they can get to the same phones inside the AT&T network, me thinks this worm has originated from inside of Apple.
This one is only due to owners not changing the default pass word. That tells me it could also effect the other iPhones on the AT&T network, and lends credibility that Apple may very well be behind this.
Who else would spend the time to go after such a small user base as jailbreak iPhones.
Makes you wonder!
[ Read All Comments ]
Hardware.info points to a presentation slide from NVIDIA showing the range of products the company's graphics chips power. The tagline reads,"From Super Phones to Super Computers". The...
Realmac Software and Impending have just released Clear to the App Store. Clear is a simplified list making application that was announced at Macworld. The App's claim to fame is the extremely...
M.I.C gadget reports that it has received information from sources indicating that Apple is "close to finally updating" its aging Mac Pro line. As we detailed in a report last month, the...
Electronista reports on a new article [Google translation] from Taiwan's Commercial Times claiming that Apple is planning for production of 65-70 million iPad 3 displays in 2012, paving the way...
CLOG, a new quarterly architecture magazine, has opted to cover Apple in its just-published February 2012 issue. The magazine offers nearly 150 pages of stories and images about Apple and...
