No. 1 Story

Construction needs cloud flexibility

Australia’s embattled construction sector could benefit from cloud based information systems that can be switched on and off in lockstep with individual projects – with the exception of those organisations based in remote areas like the Kimberleys.

read more

Related Articles

The, iPhone, virus, now, has, payload
Juniper offers SSL VPN security for the iPad
Juniper Networks has extended its SSL VPN security to the iPad with the release...
Read More
Social networking - the security dilemma
A recent survey by security company Sophos exposes the dilemma to business posed by...
Read More
How unique is your presence on the Internet?
You might think that thousands, nay millions of people will be on the Internet...
Read More
AppLabs and Original Software Partner to Help Clients Take the Step from Manual to Automated...
- Sponsored Editorial - AppLabs sees huge value proposition for its clients with...
Read More
Planit tests the water in New Zealand
- sponsored editorial - Australian independent software testing and training organisation, Planit,...
Read More

More From

Popular Threads

The iPhone virus now has a payload

David Heath
Thursday, 12 November 2009 03:59

Business IT - Security

View Comments
As expected, the Naughty Lads of the Internet have picked up the original iPhone virus and made it do something 'useful.'  If you have a jailbroken iPhone or iPod Touch, change the SSH password NOW!

iTWire has published a number of stories on the recent iPhone / iPod Touch virus Ikee and it was alluded in these that the naughty boys would pick up on the basic code and make it do something useful.

Guess what, they have already!

Reports are flooding in from a variety of virus research organisations that a new virus, called iPhone/Privacy.A is definitely stealing user data.  Peter James, of Intego, writing on his blog observes that, "When connecting to a jailbroken iPhone, this tool allows a hacker to silently copy a treasure trove of user data from a compromised iPhone: e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app. Unlike the ikee worm, which signals its presence by changing the iPhone's wallpaper, this hacker tool gives no indication that it has invaded an iPhone.

"Hackers using this tool will install it on a computer – Mac, PC, Unix or Linux – then let it work. It scans the network accessible to it, and when it finds a jailbroken iPhone, breaks into it, then steals data and records it."

James also observes that there is no reason why this wouldn't make a wonderful addition to a display PC in a computer store, after-all, computer store visitors are probably more likely to have jailbroken iPhones in their pocket!  Intego estimates that around 6 – 8% of all iPhones have been jailbroken.

David Harley, writing on his ESET blog confirms that the host-side data collection tool, being Python-based, will run on pretty-well any computer from MS-DOS, through Windows, Linux and Mac-OS.

By the way, for the (currently smug) non-jailbroken iPhone owners, noted virus researcher Charlie Miller of Independent Security Evaluators (interviewed by Computerworld earlier this week) observed that "While jailbreaking your iPhone puts you at risk for this particular bug, its not the case that non-jailbroken iPhones are immune to attack.  The SMS vulnerability I talked about at Black Hat [last July] also would give root access to an iPhone whether it was jailbroken or not. And I certainly didn't find the only bug like that."

Instructions on changing the SSH password are contained in the cooments to the original iTWire article on the subject.

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases