backtop


Print 47 comment(s) - last by pickymeek.. on Nov 24 at 6:49 PM

Jailbroken iPhone users with SSH and a default password are the target

The iPhone is one of the most popular smartphones on the market. By most accounts, the iPhone is the most likely of all smartphones to be used on the internet to access files on the go. There are also a growing number of iPhone users who are jailbreaking the devices to use unauthorized Apple software or to use the devices on other carrier networks.

Over the last few weeks, a worm targeted specifically at iPhones which are jailbroken and have SSH installed with the default password was found. The original worm was nothing more than an irritation and would change the background image of the iPhone to a picture of washed up pop star Rick Astley. Embarrassing for sure, but hardly what most would consider malicious.

A similar worm targeting jailbroken iPhones with SSH and the default password -- alpine -- is making its rounds in the Netherlands. The new worm is different from the first in that the latest is clearly malicious and has a financial motive behind it for the worm maker. BBC News reports that security firm F-Secure discovered the worm and that it targets users of Dutch online bank ING. The worm infects the iPhone and redirects the user to a fake login page.

Mikko Hypponen from F-Secure told BBC News, "It's the second iPhone worm ever and the first that's clearly malicious - there's a clear financial motive behind it."

At least for now the worm is limited to the Netherlands. However, the security firm points out that the worm could spread to more countries. The number of iPhones thought to be infected numbers only in hundreds. The worm is capable of spreading itself to other vulnerable iPhones that are connected to the same hotspot. A representative from ING told BBC News that it has alerted call center personal and that an official message would be placed on the ING bank website.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Wait a cotton pickin minute....
By Awax on 11/23/2009 10:54:44 AM , Rating: -1
Please check your facts : on iPhone, you can not run code that has not been signed by both Apple and a registered developper.
BUT the first thing you do when jailbreaking an iPhone is to remove this protection to allow the execution of any app.

So, you can not blame Apple for the lack of security of their platform while the reason this worm is spread is because the user broke and remove this security.


RE: Wait a cotton pickin minute....
By SiN on 11/23/2009 12:07:24 PM , Rating: 2
I rated you up, but meant to rate you down. No undo button for ratings i guess.

Anyway, as is pointed out before, it is Apples flawed security that allows jail braking and allows the worm to operate. The same way it would be MS's security flaw if the same happened.

So Apples finds itself in MS's position with market saturation of an Operating System which becomes targeted, everyone knew it was coming, and i guess we can all expect more of the same.
Apple still has a malicious worm, thats a matter of fact.

On a side note i quite like apple products, as i like others. I prefer Android to the iPhone though, i would expect android to be the next target as soon as it reaches market saturation.


By sprockkets on 11/23/2009 2:46:07 PM , Rating: 1
quote:
Anyway, as is pointed out before, it is Apples flawed security that allows jail braking and allows the worm to operate. The same way it would be MS's security flaw if the same happened.


Should we be angry at Microsoft since they also has that same "flawed" security by allowing users to turn off UAC and allows stuff to run without system checks?

Oh wait, nevermind, WinMob and Android with its anyone can make self-signed certificates has no security on their devices whatsoever.


“And I don't know why [Apple is] acting like it’s superior. I don't even get it. What are they trying to say?” -- Bill Gates on the Mac ads

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki