Virus attacks Jail broken iphones

Toggle sidebar Toggle sidebar
Bateluer

Bateluer

Lifer
Jun 23, 2001
27,730
8
0
http://www.engadget.com/2009/11/08/first-iphone-worm-rickrolls-jailbroken-phones/

We sort of knew this would happen as soon as we heard about that iPhone wallpaper hack in the Netherlands -- a hacker named ikex has created what's apparently the first iPhone worm, and it's currently infecting jailbroken iPhones across Australia. The "ikee" worm, as it's being called, takes advantage of the fact that jailbroken iPhones with SSH installed all have the same default root password of "alpine," and once in the system it changes your wallpaper to an image of Rick Astley and then tries to install itself on other jailbroken iPhones on the network. Sophos says it hasn't confirmed any infections outside of Oz, and to be clear, this worm can't get to stock iPhones or jailbreak owners who haven't installed SSH -- but if you're running a hacked phone we'd say you should change that root password just to be safe right away. Get to it, kids.
Click to expand...

I would think changing the root password would be a good idea. If you're smart enough to jail break your phone, you're smart enough to change the password.
 
gorcorps

gorcorps

aka Brandon
Jul 18, 2004
30,739
454
126
Didn't know you could change the password. Either way, I always have SSH disabled until I need it. Thanks for the info though
 
her209

her209

No Lifer
Oct 11, 2000
56,336
11
0
That's too funny. Next up, a virus that jailbreaks your iPhone automatically.
 
DivideBYZero

DivideBYZero

Lifer
May 18, 2001
24,117
2
0
her209 said:
That's too funny. Next up, a virus that jailbreaks your iPhone automatically.
Click to expand...

Totally plausible. If the jailbreak was the initial payload in a virus it could JB, then deploy some further nasty shieser to do whatever it wanted to, because at that point you can guarantee the root PW would be 'alpine'.
 
her209

her209

No Lifer
Oct 11, 2000
56,336
11
0
DivideBYZero said:
Totally plausible. If the jailbreak was the initial payload in a virus it could JB, then deploy some further nasty shieser to do whatever it wanted to, because at that point you can guarantee the root PW would be 'alpine'.
Click to expand...
It could then install a trojan and keylogger, steal all your contact info and passwords.
 
DivideBYZero

DivideBYZero

Lifer
May 18, 2001
24,117
2
0
her209 said:
It could then install a trojan and keylogger, steal all your contact info and passwords.
Click to expand...

And any other info you have in there, yes. It could even do an OTA dump of everything to a remote location for the attacker to pick through at his leisure.
 
P

pm

Elite Member Mobile Devices
Jan 25, 2000
7,419
22
81
Changing the root password used to cause the iPhone Springboard GUI to have issues. It used to be a very bad idea to change the root password.
http://www.espace.com.eg/blog/2009/02/26/only-idiots-change-their-iphone-root-password/

I presume since there are so many articles on Engadget and Gizmodo telling people to change their root password, that this issue is resolved.

Personally, I just turn off OpenSSH, when I'm not using it - saves batteries too.


It's worth noting that this issue can happen to any smartphone - the idea that only iPhones can get viruses is a bit like the Mac people saying that only Windows PC's get viruses. There's a lot of hackers looking to jailbreak iPhones, so they are the most vulnerable to the virus-writing community.
 
DivideBYZero

DivideBYZero

Lifer
May 18, 2001
24,117
2
0
pm said:
Changing the root password used to cause the iPhone Springboard GUI to have issues. It used to be a very bad idea to change the root password.
http://www.espace.com.eg/blog/2009/02/26/only-idiots-change-their-iphone-root-password/

I presume since there are so many articles on Engadget and Gizmodo telling people to change their root password, that this issue is resolved.

Personally, I just turn off OpenSSH, when I'm not using it - saves batteries too.


It's worth noting that this issue can happen to any smartphone - the idea that only iPhones can get viruses is a bit like the Mac people saying that only Windows PC's get viruses. There's a lot of hackers looking to jailbreak iPhones, so they are the most vulnerable to the virus-writing community.
Click to expand...


Viruses, yes, unlimited access to the underlying OS; No.
 
P

pm

Elite Member Mobile Devices
Jan 25, 2000
7,419
22
81
Jailbreaking is essentially trying to gain root access to an iPhone. I would bet that they kind of holes/vulnerabilities that are being found to jailbreak iPhones exist in all mobile phones OS's but the problem is that by tying the majority of phones to specific carriers and by locking down the OS and control of applications and data (music and video) so tightly, Apple has created a lot of incentive to hack their phones.

For iPhones, turn off SSH or don't install it at all, change the root password and turn off wifi when you aren't using it...
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom