• Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
  • Malware Allows Access to Jailbroken iPhones


    Well, we all knew this was coming.

    The Macintosh security firm Intego reports that they have identified malware that will allow hackers to access data on jailbroken iPhones running OpenSSH with the default root password 'alpine.' Unjailbroken iPhones, devices not running sshd, and devices with unique root passwords are not vulnerable to this exploit. Though Intego currently categorizes the risk of the malware as "low," users should act to secure their phones.

    The tool - which Intego identifies as "iPhone/Privacy.A" - works by being installed onto a "Mac, PC, Unix or Linux" computer - or another iPhone - and then scanning the computer's network to find ssh services.

    This hacker tool could easily be installed, for example, on a computer on display in a retail store, which could then scan all iPhones that pass within the reach of its network. Or, a hacker could sit in an Internet café and let his computer scan all iPhones that come within the range of the wifi network in search of data. Hackers could even install this tool on their own iPhones, and use it to scan for jailbroken phones as they go about their daily business.
    When a vulnerable iPhone is found, the hacker can then download all personal data stored on the device: "e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app."

    Intego recommends its own VirusBarrier X5 software to identify and eradicate the software on a Mac, but notes there is no detection tool for other computer platforms, or for the iPhone itself. Users of jailbroken phones should not enable ssh except when needed, and should change their root passwords:
    • install and run "Mobile Terminal"
    • type su root at the shell prompt and tap enter
    • type passwd and tap enter
    • enter alpine for your old password
    • enter new password
    • enter new password again to confirm

    This article was originally published in the forum thread "Malware Allows Access to Jailbroken iPhones," started by Paul Daniel Ash.
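
The article's two conditions for exposure (sshd running and an unchanged default password), and the fact that 'root' and 'mobile' are separate accounts, can be checked together with a short audit. This is an added example, not part of the original post: the sample records, the placeholder hash and the function names are constructed, and it assumes BSD-style master.passwd and `netstat -an` layouts and a shell with awk.

```shell
#!/bin/sh
# Added example, not from the article. All sample data below is constructed;
# PLACEHOLDERHASH stands in for the shipped default hash and is not a real crypt value.
SAMPLE_DEFAULT_HASH='PLACEHOLDERHASH'

sample_passwd() {   # constructed records, BSD master.passwd layout (10 fields)
cat <<'EOF'
# constructed sample, not copied from a device
nobody:*:-2:-2::0:0:Unprivileged User:/var/empty:/usr/bin/false
root:PLACEHOLDERHASH:0:0::0:0:System Administrator:/var/root:/bin/sh
mobile:PLACEHOLDERHASH:501:501::0:0:Mobile User:/var/mobile:/bin/sh
_svc:PLACEHOLDERHASH:1:1::0:0:Service:/var/root:/usr/bin/false
EOF
}

sample_netstat() {  # constructed `netstat -an` excerpt, BSD column layout
cat <<'EOF'
tcp4       0      0  *.22                   *.*                    LISTEN
tcp4       0      0  127.0.0.1.2222         *.*                    LISTEN
EOF
}

# stdin: passwd records; $1: default hash. Prints login-capable accounts
# whose password field still equals the default.
default_hash_accounts() {
    awk -F: -v def="$1" '
        /^#/ || NF < 10          { next }  # comments and malformed lines
        $10 ~ /(false|nologin)$/ { next }  # account cannot get a shell
        $2 == def                { print $1 }'
}

# stdin: `netstat -an` output. Succeeds if a TCP listener is bound to port 22.
ssh_listening() {
    awk '$NF == "LISTEN" && $4 ~ /[.:]22$/ { found = 1 } END { exit !found }'
}

# $1: passwd text, $2: netstat text, $3: default hash.
# Exposed only when both conditions from the article hold.
exposure_report() {
    accounts=$(printf '%s\n' "$1" | default_hash_accounts "$3" | tr '\n' ' ')
    if ! printf '%s\n' "$2" | ssh_listening; then
        echo "ok: sshd not listening"; return 0
    fi
    [ -n "$accounts" ] || { echo "ok: no default passwords"; return 0; }
    echo "exposed: ${accounts% }"; return 1
}

exposure_report "$(sample_passwd)" "$(sample_netstat)" "$SAMPLE_DEFAULT_HASH" || true
```

Changing only one account's password still leaves the other reported, which is why the report lists account names rather than a single yes or no.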
    65 Comments
    1. dq13 -
      As soon as the news came up with the "virus" from that guy changing the background and demanding PayPal money, I knew someone was gonna come out with something like this... good thing I never run OpenSSH
    1. nighthawk283 -
      Another one, what's up with that, wow
    1. jaynelson134 -
      Can I change my password in Cyberduck?
    1. amybest222 -
      how do i know if im Jailbroken Iphone is open ssh
    1. akamandito -
      Wow, that sucks.. I'm glad I changed the password since the first gen iPhone to 3GS. I usually use OpenSSH to mod my iPhone with WinSCP and all that. Just change the password and you will be fine. I hope so. Have a nice day
    1. blkcadi -
      ^If you installed it, it is there. If not, you're fine.
    1. dq13 -
      Quote (originally posted by amybest222):
      how do i know if im Jailbroken Iphone is open ssh
      By default, it's not.. so if you don't know what it is or never used it, you have nothing to worry about cuz it's not running
    1. bbillh77 -
      who leaves a default password anyway
    1. suicidesam -
      I think I've been breached... I can't change the password, it won't let me type in alpine
    1. yahoowizard -
      I think Apple's hacking us so that they can get less jailbreakers, lol.
    1. jedized -
      Please revise your steps to change the password using mobile terminal. They are wrong. That will only change the password for user 'mobile' and still leave the hacker access to the user 'root' giving them full control of the device STILL.
    1. ramsizzle -
      I'm a hardcore idiot when it comes to this... how do I go about changing my password in WinSCP?
    1. wgm214 -
      OpenSSH is not even a dependency for any packages, I don't understand why so many newbies have it installed. If you have no idea how to use it, uninstall it. If you do actually use it, you have three options. You can either consider an alternative, like USB file transfer with DiskAid or netalk which will work for Mac. If you do like the ability to do over-the-air transfer then either change your SSH password with MobileTerminal or disable SSH via SBSettings. If you don't have OpenSSH installed, don't worry about getting a "virus." Charlie Miller may be an ultimate hacker, but some of the things he says are just plain exaggerated.
    1. TooSlo -
      Quote (originally posted by jedized):
      Please revise your steps to change the password using mobile terminal. They are wrong. That will only change the password for user 'mobile' and still leave the hacker access to the user 'root' giving them full control of the device STILL.
      That's why you log in using SU.

      Now, I might be a little rusty since it's been a while.

      Open Terminal and type in "su"

      This should prompt you to use your credentials to log in.

      Follow the steps below while still having SU privileges and it SHOULD change that password.

      At least that's how I've been doing it when playing around on my HTC, and if I recall, the commands are spot on with the iPhones.
    1. punjabi212 -
      I uninstalled all the SSH stuff I had on my iPhone but it's still showing up in my SBSettings. Does that mean it's still on my phone or it's just there for no reason?
    1. TooSlo -
      Quote (originally posted by wgm214):
      OpenSSH is not even a dependency for any packages, I don't understand why so many newbies have it installed. If you have no idea how to use it, uninstall it. If you do actually use it, you have three options. You can either consider an alternative, like USB file transfer with DiskAid or netalk which will work for Mac. If you do like the ability to do over-the-air transfer then either change your SSH password with MobileTerminal or disable SSH via SBSettings. If you don't have OpenSSH installed, don't worry about getting a "virus." Charlie Miller may be an ultimate hacker, but some of the things he says are just plain exaggerated.
      Well, it's not exactly true if you are jailbreaking your device on 3.1.2, as you have to SSH to modify the Services.plist if you want to enable USB connectivity to your phone.

      The only way to actually replace that file is.....

      USING SSH!
    1. Poseidon79 -
      Quote (originally posted by ramsizzle):
      I'm a hardcore idiot when it comes to this... how do I go about changing my password in WinSCP?
      Read the first post at the bottom for instructions. It's done with mobile terminal which is downloaded from Cydia.
    1. one1 -
      Dear Apple,


      You can stop releasing bugs to try and scare people to quit jail breaking. It doesn't work.



      ~The Community.
    1. Gent1eman -
      You can change it even quicker if you have mobileterminal installed, just type in the command "passwd" and you can just change it simply from there.
    1. psychodave -
      Good info, thanks! Though it would be fun to replace a few wallpapers on my friends' phones first HA HA.