Modified iPhones Are Compromised By New Worm

November 25, 2009 by John Messina Apple's iPhone

Enlarge

(PhysOrg.com) -- Several research security firms have reported a new worm attack against jail broken iPhones, dubbed "Ikee.B or "Duh", this worm searches for personal and banking information.

The worm spreads by using the default password for applications that can be installed on jail broken . Once the iPhone is infected, the worm grabs text messages and searches for banking authorization codes used for at least one bank. The codes are then sent to a central server located in Lithuania.

With cybercriminals becoming savvier, it's only a matter of time before they find ways to infect iPhones that are not jail broken as well as other smartphone devices. Some researchers confirm that worm attacks against are evolving and it's becoming more common for cybercriminals to target personal and financial information stored on portable devices.

Researchers have confirmed that even Bluetooth connections between portable devices can be compromised with malicious code. A Bluetooth outbreak can be easily carried out in shopping malls, airports, or libraries, anywhere a cybercriminal may find potential victims.

The new worm easily infects jail broken iPhones by a weakness introduced into an application called OpenSSH. The application uses the default password 'alpine' that the worm uses to connect to the iPhone remotely. Since there is no shell code and no buffer overflow compromising the iPhone, writing code is fairly simple.

The attacks that have target iPhones this past month, focused on jail broken phones only. In the process of jail breaking a phone, the code that prevents users from loading any application they want is removed, thereby also removing most of the security that prevents from running on the smartphone.

With the evolution of hacking into portable devices growing, it's only a matter of time before phones employing Google's , and everything else will be compromised in one way or another.

More information: iPhone worm Rickrolls Australia

© 2009 PhysOrg.com


   
Rate this story - 5 /5 (4 votes)

Rank Filter

Move the slider to adjust rank threshold, so that you can hide some of the comments.


Display comments: newest first

  • Inco - Nov 25, 2009
    • Rank: 5 / 5 (1)
    Its hardly OpenSSH that have a weakness. Looks more like installation bundle takes a few shortcuts.
    Regarding Android, yes it is likely it will get worms/viruses in the future though not the same quantity of them.
    The reasons for rooting an Android phone is quite small. And applications don't run with full privileges. For iPhone, metasploit.com have for a long time pointed out weaknesses in the security model of the phone. Its security by only allowing Apple to install programs, and just hope those programs don't have flaws.

November 25, 2009 all stories

Comments: 1

5 /5 (4 votes)

  • hide

  • Related Stories

  • iPhone worm Rickrolls Australia
    created Nov 10, 2009 | popularity not rated yet | comments 0
  • The malware attack against mobile phones is mounting
    created Dec 23, 2004 | popularity not rated yet | comments 0
  • Wikipedia launches iPhone application
    created Aug 20, 2009 | popularity not rated yet | comments 0
  • The Raging Windows Worm has attacked over 8.9 Million Computers
    created Jan 19, 2009 | popularity not rated yet | comments 0
  • Skype comes to iPhones on Tuesday
    created Mar 30, 2009 | popularity not rated yet | comments 0



  • hide

  • Relevant PhysicsForums posts

  • How to measure recoil force?
    created 26 minutes ago
  • How to obtain time constant of servo motor
    created 3 hours ago
  • How to calculate section constants for rectangular tubes?
    created 7 hours ago
  • how to welding thin SS foil (0.002")?
    created Feb 08, 2010
  • More from Physics Forums - General Engineering

Other News

Robot to take starring roles in S.Korea plays

Electronics / Robotics

created 5 hours ago | popularity 5 / 5 (1) | comments 0

A South Korean-developed robot that played to acclaim in "Robot Princess and the Seven Dwarfs" is set for more leading theatre roles this year, a scientist said Wednesday.


Student Builds Spider Robot From Spare Parts

Student Builds Spider Robot From Spare Parts (w/ Video)

Electronics / Robotics

created 17 hours ago | popularity 4.6 / 5 (11) | comments 3

Picture a spider-like robot that teaches itself to walk, can adapt when damaged and watches its maker as he moves around the room. That might sound terrifying.


Seagate Ships 10,000 RPM 600 GB 2.5-inch Hard Drive

Electronics / Hardware

created 15 hours ago | popularity 2.7 / 5 (3) | comments 0

Seagate today announced worldwide shipments of its Savvio 10K.4 hard disk drive (HDD), the world's highest-capacity and most reliable 2.5-inch enterprise-class drive.


Millimeter-scale, energy-harvesting sensor system developed

Millimeter-scale, energy-harvesting sensor system developed

Electronics / Hardware

created Feb 08, 2010 | popularity 4.8 / 5 (12) | comments 5 | with audio podcast

(PhysOrg.com) -- A 9-cubic millimeter solar-powered sensor system developed at the University of Michigan is the smallest that can harvest energy from its surroundings to operate nearly perpetually.


Robonaut 2: NASA, GM Create Cutting Edge Robotic Technology

Robonaut 2: NASA, GM Create Cutting Edge Robotic Technology

Electronics / Robotics

created Feb 04, 2010 | popularity 4.5 / 5 (13) | comments 9 | with audio podcast

(PhysOrg.com) -- Robonaut is evolving. NASA and General Motors are working together to accelerate development of the next generation of robots and related technologies for use in the automotive and aerospace ...




PhysOrg Account
advanced search
  • follow with twitter
  • follow on facebook
  • read with kindle
  • customize RSS
  • newsletter