First Malicious iPhone Worm Appears


Word cropped up over the weekend of a new worm hitting jailbroken iPhones, while it might not be the first iPhone worm to appear, it’s certainly one that’s more interesting for the panic-mongers out there, given the amount of activity it manages once it’s infected a device.

Those of you who keep up with iPhone news probably be aware that last week saw the arrival of the first worm for the device, which took advantage of the fact that very few users change their root password when they jailbreak and activate SSH, meaning that just anyone can effectively run code from your hardware. The first one just rickrolled your iPhoe, but the second is a significantly more devious affair.

According the TheRegister, the new worm connects to a Lithuanian server and changes your root password. Apparently, the beast then sorts through your texts, having a poke around for “mobile transaction authentication numbers” sent from banks to customers, which is some fairly scary stuff indeed.

Of course, things only get scarier when you learn that it propagates itself using IP ranges from a number of different carriers in different countries, meaning that it could spread in the US, the Netherlands or in Australia. Moreover, it goes a bit replication-crazy when you’re connected to a wireless network, trying so hard to find other devices that you might well notice a drop in battery life.

The fact is though, that this won’t be effecting too many people, if only because jailbroken iPhone users tend to be fewer and further between than you might think. Still, it just goes to show that when Apple says jailkbreaking could pose a significant security risk, it could well be telling the truth, not just guarding its App Store income.

If you’d like to read more, you’d do well to check out TheRegister’s article on the worm, which is essentially a collage of other security companies’ pieces on it. It’s a solid read.


Tags: , , , , , , , , , , , ,

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: