3rd iPhone botnet malware making zombies in the wild

A worm has been discovered that gives the hacker complete access to the victim's iPhone. While it is the third such attack discovered, it is the first one that does damage. The new worm will offer the hacker any user data on the phone - photos, memos with other passwords, calendars, contacts and more.

Security firm Intego, the apparent discoverer of this worm, calls it the "iPhone/Privacy.A Virus." The address ranges this worm can affect are for ISPs in Australia, Hungary, the Netherlands and Portugal.

iPhones that are not jailbroken are not currently susceptible to this attack. Jailbroken iPhones are not susceptible if the default SSH password has been changed or if SSH is not installed on the phone.

SSH stands for Secure Shell (or sometimes Secure Sockets Shell) and is a program that allows for two remote devices on a network (such as an iPhone and a computer) to exchange data. It's generally designed to make the exchange of data more secure and is commonly used by system administrators to remotely control servers.

A "jailbroken" iPhone is one that has been modified by the user to allow cell phone providers other than the authorized AT&T to activate on the phone.

A botnet is a series of Internet-connected devices that can be used, usually without the owner's knowledge, to send spam, viruses or other malware, or to take part in other attacks. A device used this way is commonly known as a "zombie".

While not a current worry to those whose phones are not jailbroken, who are in the US, UK, or other countries not as yet affected, or who have remembered to change the default SSH password on their jailbroken phones, it can be highly damaging to those susceptible to the worm. 

Other exploits for a wider range of iPhones are surely just around the corner.

 
