Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
11-11-2009, 01:37 PM #1
Malware Allows Access to Jailbroken iPhones
Well, we all knew this was coming.
The Macintosh security firm Intego reports that they have identified malware that will allow hackers to access data on jailbroken iPhones running OpenSSH with the default root password 'alpine.' Unjailbroken iPhones, devices not running sshd, and devices with unique root passwords are not vulnerable to this exploit. Though Intego currently categorizes the risk of the malware as "low," users should act to secure their phones.
The tool - which Intego identifies as "iPhone/Privacy.A" - works by being installed onto a "Mac, PC, Unix or Linux" computer - or another iPhone - and then scanning the computer's network to find ssh services.
This hacker tool could easily be installed, for example, on a computer on display in a retail store, which could then scan all iPhones that pass within the reach of its network. Or, a hacker could sit in an Internet café and let his computer scan all iPhones that come within the range of the wifi network in search of data. Hackers could even install this tool on their own iPhones, and use it to scan for jailbroken phones as they go about their daily business.
Intego recommends its own VirusBarrier X5 software to identify and eradicate the software on a Mac, but notes there is no detection tool for other computer platforms, or for the iPhone itself. Users of jailbroken phones should not enable ssh except when needed, and should change their root passwords:
- install and run "Mobile Terminal"
- type su root at the shell prompt and tap enter
- type passwd and tap enter
- enter alpine for your old password
- enter new password
- enter new password again to confirm
image via Intego
Last edited by Paul Daniel Ash; 11-11-2009 at 03:22 PM. Reason: h/t jedized and TooSlo for corrections to password commands
11-11-2009, 01:51 PM #2
as soon as the news came up with the "virus" from that guy changing the background and demanding paypal money, I knew someone was gonna come out with something like this... good think I never run OpenSSH
11-11-2009, 01:52 PM #3
Another one whats up with that wow
11-11-2009, 01:54 PM #4
can i change my password in cyberduck?
11-11-2009, 01:55 PM #5
how do i know if im Jailbroken Iphone is open ssh
11-11-2009, 01:55 PM #6
- Join Date
- Dec 2007
- Thanked 2 Times in 1 Post
wow that sucks.. im glad i did changed password since the first gen iphone to 3Gs. i usually use openssh to mod my iphone with winscp and all that. just change the password and u will be fine. i hope so have a nice day
11-11-2009, 01:58 PM #7
^if you installed it, it is there. If not your fine.
11-11-2009, 02:00 PM #8
11-11-2009, 02:10 PM #9
who leaves a default password anyway
11-11-2009, 02:14 PM #10
I think i've been breached...I can't change the password it won't let me type in alpine
11-11-2009, 02:25 PM #11
I think Apple's hacking us so that they can get less jailbreakers, lol.
11-11-2009, 02:26 PM #12
Please revise your steps to change the password using mobile terminal. They are wrong. That will
only change the
password for user 'mobile' and still leave the hacker access to the user 'root' giving them full control of the device STILL.
11-11-2009, 02:28 PM #13
im a hardcore idiot when it comes to this ...how do i go about changing my password in winSCP?
11-11-2009, 02:36 PM #14
openshh is not even a dependency for any packages, I don't understand why so many newbies hve it installed. if you have no idea how to use it, uninstall it. if you do actually use it, you have three options. You can either consider an alternative, like USB-file transfer with diskaid or netalk which will work for mac. if you do like the ability to do over the air transfer then either change your shh password with mobileterminal or disable shh via sbsettings. if you dot have openshh installed, don't worry about getting a "virus." charlie miller may be an ultimate hacker, but some of things he says are just plan excagerated.Wanna-be coder/iphone user since '08
11-11-2009, 02:41 PM #15
Now, I might be a little rusty since it's been a while.
Open Terminal and type in "su"
This should prompt you to use your credentials to log in.
Follow the steps below while still having SU privileges and it SHOULD change that password.
At least that's how I've been doing it when playing around on my HTC, and if I recall, the commands are spot on with the iPhones.
11-11-2009, 02:44 PM #16
I un-installed all SSH stuff I had on my iphone but it still showing up in my SBsettings. Does that mean its still on my phone or its jus there for no reason?
11-11-2009, 02:44 PM #17
11-11-2009, 02:45 PM #18
11-11-2009, 02:49 PM #19
You can stop releasing bugs to try and scare people to quit jail breaking. It doesn't work.
11-11-2009, 02:52 PM #20
- Join Date
- Oct 2009
- Thanked 2 Times in 1 Post
You can change it even quicker if you have mobileterminal installed, just type in the command "passwd" and you can just change it simply from there.