|
|
Tuesday, November 24, 2009
|
iPhone Malware Gets More Malicious
|
|
You are sending an email that contains the article
and a private message for your recipient(s). |
| Your Name: |
|
| Your e-mail: |
* Required! |
| Recipient (e-mail): |
* |
| Subject: |
* |
| Introductory Message: |
|
HTML/Text
(Photo: Yes/No) |
(At the moment, only Text is allowed...)
|
| |
|
| Message Text: |
Just two weeks after the first report for the world's first iPhone worm (Ikee), this weekend has seen the discovery of a new example of iPhone malware in the shape of a worm (dubbed "Duh" after a section of its code) that is reported to be much more malicious in intent than Ikee.
Accoring to reports from internet security firm Sophos, the
new worm is similar to the original Ikee worm (and the recently discovered iPhone hacking tool) in so much as it only infects jailbroken iPhones, where users have installed OpenSSH and not changed the default password ("alpine").
"Jail broken" phones have Apple's security features key disabled in order to get around the terms of usage agreement of the device.
However, it is much more serious than the original Ikee worm because it is not limited to infecting iPhone users in Australia, and communicates with an internet Control & Command centre, downloading new instructions - effectively turning an iPhone into part of a botnet.
Furthermore, it appears to be designed to steal information from users of online banking services. The BBC is reporting that ING Direct is briefing its call centres so workers can provide advice about the worm to Dutch customers.
The hackers are trying to use the virus to obtain passwords to banking sites, according to researchers with anti-virus software maker Sophos. When an iPhone user tries to access a bank website, the Duh Worm directs the browser to a look-a-like site controlled by the hackers.
For sure, if hackers find they can make money out of poorly-secured jailbroken iPhones, they will continue to attack them.
For now, owners of a jailbroken iPhone might make sense to ensure that they have changed the default password. |
|
|
|
|