toggle

AAPL Stock: 443.51 ( + 2.16 )

http://www.macnn.com/articles/09/11/23/code.works.in.similar.way.to.recent.5.euro.scam/

Malicious worm targets jailbroken iPhones

updated 01:45 pm EST, Mon November 23, 2009

 

Code works in similar way to recent 5 Euro scam


A new worm has begun targeting iPhones and iPod touches, however it only appears to attack jailbroken devices, according to the security company Sophos. The worm, which works in a similar way to the recent 5 Euro scam, was reportedly discovered after a Dutch ISP noticed unusually high volumes of data traffic.

Unlike the earlier extortion scheme and a separate Rick Astley worm, the latest virus utilizes command-and-control code that allows hackers to access personal information. A variety of IP ranges have been targeted, leaving ISPs such as UPC, Optus and T-Mobile vulnerable. Any stolen data is then uploaded to a Lithuanian server, while each device is assigned a unique ID as a reference for the attackers.

Creators of earlier worms had warned users to change the default root password from the default of "alpine." The malicious worm takes advantage of this vulnerability by changing the password to prevent the user from securing the device.

Although the intent of the worm is unclear, it apparently searches for mTANs authentication messages which contain one-time passwords for bank logins.

Owners of jailbroken iPhones may notice extremely short battery life after infection when connected to Wi-Fi networks. Users can also check to verify that the root password is still "alpine." If it has been changed, Sophos blogger Paul Ducklin has posted the alleged new password.


by MacNN Staff

toggle

Comments

  1. njfuzzy

    Fresh-Faced Recruit

    Joined: Apr 2001

    +8

    Bad Press

    I really think it's disappointing that most of the press covering this issue isn't really highlighting the fact that this doesn't affect iPhones, it only affects hacked/jailbroken devices with unauthorized software modifications. People who use their phones legitimately aren't getting these worms.

  1. njfuzzy

    Fresh-Faced Recruit

    Joined: Apr 2001

    -1

    Bad Press

    I really think it's disappointing that most of the press covering this issue isn't really highlighting the fact that this doesn't affect iPhones, it only affects hacked/jailbroken devices with unauthorized software modifications. People who use their phones legitimately aren't getting these worms.

  1. Bearcat

    Fresh-Faced Recruit

    Joined: Sep 2009

    +4

    Duh!

    Yet another reason NOT to mess with the internal coding of your phones, iPhone or otherwise! You break the code, you will pay the price at some point.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0

    Right...

    People who use their phones legitimately aren't getting these worms.

    Legitimately? Who gets to decide whether it is legitimate or not?

    And maybe if Apple weren't so dictatorial about deciding what programs one can and cannot put on their phones, people wouldn't need to jailbreak them to get them to do what they want, for, then, there wouldn't be a need to put an SSH server on the phone and, as such, wouldn't leave the phone vulnerable.

    Yet another reason NOT to mess with the internal coding of your phones, iPhone or otherwise! You break the code, you will pay the price at some point.

    No, this is another reason why people should change the default password on devices and software that come with a default password. If you installed a pre-packaged SSH server on your home computer and didn't change the pre-packaged pre-defined password, you're leaving yourself open to being hacked as well.

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

MaxUpgrades MaxConnect for 2006-2008 Mac Pro

Nobody outside of Cupertino's privileged bunch knows the future of the Mac Pro line for sure. Despite Apple's reluctance to tell us wh ...

Brother HL-3170CDW LED Printer

We've mentioned before that we are far from a paperless society. For now, at least, there are tasks that require a piece of paper for ...

HTC One

It is hard to overstate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming decline ...

toggle

Most Commented