
Info Stealer targets Jailbroken iPhones

A week has barely passed since the first iPhone worm (Worm.iPhoneOS.Ikee) came ‘rickrolling’ into our collective awareness, and now we already have its first official copycat!

A new Trojan has been spotted using the very same technique as the ikee worm to break into jailbroken iPhones. It scans a network (a home, office, or public wifi network would suffice) for the presence of jailbroken iPhones still running SSH. Enabling SSH is a common step in jailbreaking, as this allows the user to log in to the phone remotely and execute shell commands. And, as should be common knowledge by now, all iPhones have the same default root password, which users neglect to change after jailbreaking them.
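The scanning phase described above leaves a recognizable trace on the local network: one host contacting many different addresses on TCP port 22 in a short time. The following is an added example, not part of the original post, that flags such sweeps; the log format, thresholds and sample records are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample connection records: "timestamp src_ip dst_ip dst_port"
SAMPLE_LOG = """\
2009-11-20T10:00:01 192.168.1.23 192.168.1.2 22
2009-11-20T10:00:01 192.168.1.23 192.168.1.3 22
2009-11-20T10:00:02 192.168.1.23 192.168.1.4 22
2009-11-20T10:00:02 192.168.1.10 192.168.1.50 22
2009-11-20T10:00:03 192.168.1.23 192.168.1.5 22
2009-11-20T10:00:03 192.168.1.23 192.168.1.6 22
2009-11-20T10:00:04 192.168.1.10 192.168.1.50 22
2009-11-20T10:00:05 192.168.1.77 192.168.1.1 80
garbage line
"""

def find_ssh_sweeps(log_text, min_targets=5, window=timedelta(seconds=60), port=22):
    """Return {src_ip: sorted targets} for every source that contacted at
    least min_targets distinct hosts on `port` within one time window."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records
        ts, src, dst, dport = parts
        try:
            when, dport = datetime.fromisoformat(ts), int(dport)
        except ValueError:
            continue  # skip unparsable timestamp or port
        if dport == port:
            events[src].append((when, dst))

    sweeps = {}
    for src, hits in events.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Shrink the window from the left until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            targets = {dst for _, dst in hits[start:end + 1]}
            if len(targets) >= min_targets:
                sweeps[src] = sorted(targets)
                break
    return sweeps

if __name__ == "__main__":
    for src, targets in find_ssh_sweeps(SAMPLE_LOG).items():
        print(f"possible SSH sweep from {src}: {len(targets)} hosts probed")
```

A single administrator repeatedly connecting to one phone (192.168.1.10 in the sample) is not flagged, because only the count of distinct targets matters.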

What this new Trojan lacks in originality of technique, however, it more than makes up for with a more vicious payload. Whereas the ikee worm contents itself with changing the iPhone wallpaper, this new Trojan will steal data from compromised devices! This means all SMS messages and contact lists stored on vulnerable phones are up for grabs!

While this new iPhone malware is breaking news, we should realize that the SSH vulnerability it exploits is really nothing new. It has been there ever since the first jailbroken iPhone. In fact, before ikee, Ars Technica ran an article on their site about a ‘ransomware’ spreading in the Netherlands. It scans networks for iPhones with SSH enabled, then sends the owners the following SMS message:

When you visit his site, he then charges you €5 for instructions on how to secure your phone, information that is actually available to anyone for free.

So let’s all learn the lesson here. First, there are very real risks to jailbreaking. Second, and more important, never use default passwords, whether for your combination locks at home or for your digital devices.

View full post on iAntiVirus Blog
