December 3, 2022
First Malicious iPhone Malware Detected

Posted November 11, 2009 at 6:44pm by iClarified · 11774 views
Following the recent discovery of a worm that changes wallpaper on iPhones, Intego has spotted another piece of malware that attacks iPhones, one that is far more dangerous than the ikee worm. This hacker tool, which Intego identifies as iPhone/Privacy.A, takes advantage of the same vulnerability in the iPhone as the ikee worm, allowing hackers to connect to any jailbroken iPhone whose owner has not changed the root password.

When connecting to a jailbroken iPhone, this tool allows a hacker to silently copy a treasure trove of user data from a compromised iPhone: e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app. Unlike the ikee worm, which signals its presence by changing the iPhone's wallpaper, this hacker tool gives no indication that it has invaded an iPhone.

Hackers using this tool will install it on a computer - Mac, PC, Unix or Linux - then let it work. It scans the network accessible to it, and when it finds a jailbroken iPhone, breaks into it, then steals data and records it.

This hacker tool could easily be installed, for example, on a computer on display in a retail store, which could then scan all iPhones that pass within the reach of its network. Or, a hacker could sit in an Internet café and let his computer scan all iPhones that come within the range of the wifi network in search of data. Hackers could even install this tool on their own iPhones, and use it to scan for jailbroken phones as they go about their daily business.

Intego VirusBarrier X5 detects and eradicates this program on Macs, and identifies it as iPhone/Privacy.A. While it is not possible to protect the iPhone from this hacker tool - it does not install anything on an iPhone - VirusBarrier X5 can ensure that Macs, especially in businesses, are protected from this hacker tool being installed.

Unfortunately, the massive amount of publicity given to the Dutch hacker who took over a few iPhones has probably led us to this point. It's likely that Apple will use this to cast jailbreaking in a negative light. Obviously this has nothing to do with jailbreaking. Only those who install OpenSSH without changing their default password are at risk. It's a situation similar to the problem with routers. Many if not most people do not change the default password on their routers, leaving their entire network at risk.

harrissilver - November 12, 2009 at 7:20am
So, how do you change the OpenSSH password from the default on a jailbroken phone? Is there a tutorial on that? Is it the same as the unlock password for the phone?
Butchoy - November 12, 2009 at 3:09pm
There is a step by step tutorial in this site on how to change your password. Just search it.
Joe Cole - November 11, 2009 at 10:40pm
Instead of sending malware to innocent iPhone users, this nerd should send a broadcast to all those a$$holes in Cupertino titled 'All Your iApples Are Belong To Us'.
Eric - November 11, 2009 at 7:24pm
They found the guy who programmed it... a 21 year old university student. Read more, check out the ShortURL
geekoid - November 12, 2009 at 8:43pm
That uni student is not this virus writer... he wrote the original "rickroll" version which did no damage.