iPhone Worm – Serious This Time
iPhone users who have jailbroken their phones are now at risk from the first malicious worm for the iPhone. For the moment, this new worm appears to be affecting only online banking customers in the Netherlands. It was discovered by security company F-Secure.
It is specifically targeting people in the Netherlands who are using their iPhones for internet banking with Dutch online bank ING. It redirects the bank’s customers to a lookalike site with a log-in screen.
This isn’t like the worm that appeared a couple of weeks ago in Australia, which simply changed jailbroken iPhones’ wallpapers to a picture of Rick Astley, “Rickrolling” users. Sorry, but there’s nothing funny about this one. What’s more, this worm attacks jailbroken iPod touches as well as iPhones. If you haven’t jailbroken your iPod or iPhone, you should be safe from this worm.
Users who have jailbroken their devices, installed SSH and not changed the default password are the ones who will be affected by this worm. F-Secure say the number of devices currently infected is only in the hundreds, but the worm has the potential to spread. It may also become more dangerous, as it “enables the phone to be accessed or controlled remotely without the permission of its owner.”
More recent reports say that this worm is now stealing personal user data as well.
When active on an iPhone, the iBotnet worm changes the root password for the device in order to prevent users from later changing that password themselves. It then connects to a server in Lithuania, from which it downloads new files and data, and to which it sends data recovered from the infected iPhone. The worm sends both network information about the iPhone and SMS messages to the remote server. It is capable of downloading data, including executables that it uses to run and carry out its actions, as well as new files, providing botnet capabilities to infected devices.
Extremely short battery life when connected to Wi-Fi may be a sign of infection, caused by the worm’s activity. To protect yourself from this worm, change your default SSH password or restore your device to its original settings.