Over the last few weeks, a worm targeted
specifically at iPhones which are jailbroken and have SSH installed
with the default password was found. The original worm was nothing
more than an irritation and would change
the background image of the iPhone to a picture of washed up pop
star Rick Astley. Embarrassing for sure, but hardly what most would
A similar worm targeting jailbroken
iPhones with SSH and the default password -- alpine -- is making its
rounds in the Netherlands. The new worm is different from the first
in that the latest is clearly
malicious and has a financial motive behind it for the worm
maker. BBC News reports that security firm F-Secure discovered
the worm and that it targets users of Dutch online bank ING. The worm
infects the iPhone and redirects the user to a fake login page.
Mikko Hypponen from F-Secure told BBC News, "It's
the second iPhone worm ever and the first that's clearly malicious -
there's a clear financial motive behind it."
At least for
now the worm is limited to the Netherlands. However, the security
firm points out that the worm could spread to more countries. The
number of iPhones thought to be infected numbers only in hundreds.
The worm is capable of spreading itself to other vulnerable iPhones
that are connected to the same hotspot. A representative from ING
told BBC News that it has alerted call center personal and
that an official message would be placed on the ING bank website.
quote: iPhones which are jailbroken and have SSH installed with the default password was found.