Page 1 of 3 123 LastLast
Results 1 to 20 of 57

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Malicious Worm Takes Aim at Jailbroken iPhones

  1. #1
    MMi Staff Writer Michael Essany's Avatar
    Join Date
    Aug 2009
    Location
    Valparaiso, Indiana
    Posts
    3,850
    Thanks
    17
    Thanked 1,481 Times in 567 Posts

    Default Malicious Worm Takes Aim at Jailbroken iPhones



    There's a new worm on the radar. And, this time, it's a bit more nefarious than anything Rick Astley could have ever imagined himself.

    The worm is the first malicious infestation to hit the iPhone, the first merely displaying a picture of 1980's crooner Rick Astley - although music lovers might claim that was pretty malicious as well.
    According to a boatload of media outlets covering the news today, a second worm to hit the iPhone has been detected by security company F-Secure. And, says TG Daily, for now, the worm has set its sights on people in the Netherlands who use their iPhones for internet banking with Dutch online bank ING Direct.

    In other words, this worm isn't just for "fun." There is an obvious financial motive behind this newly discovered attack.

    The worm attacks jailbroken phones and sneakily redirects bank customers to a cloned, look-alike site prompting one to enter their username and password. Naturally, the bank is now frantically trying to get the word out to customers in a hurried fashion.

    Unfortunately, it isn't yet clear just how many iPhones may be infected. Once thought to be merely in the hundreds, it's now more likely that the number has increased into the thousands. As warned by F-Secure, the aforementioned worm can recruit iPhones to a botnet and skip around among phones currently sharing the same wi-fi hotspot.

    "It's the second iPhone worm ever and the first that's clearly malicious - there's a clear financial motive behind it," says F-Secure research director Mikko Hyponen."It's fairly isolated and specific to Netherlands but it is capable of spreading."
    For now, fending off the worm involves some pretty basic steps. For example, jailbroken phone owners are strongly encouraged to revise their SSH password from the default '"Alpine" to help evade the worm.

    To help spread the word and not the worm, F-Secure is endeavoring to publish as many known details as possible of the worm. You can check out their official blog originating from Lithuania by clicking here.

    Image via Mobile Castle
    Last edited by Michael Essany; 11-23-2009 at 01:40 PM.

  2. The Following 6 Users Say Thank You to Michael Essany For This Useful Post:

    JailbrokeniPodKing (11-23-2009), LEVMAN (11-23-2009), louort3 (11-23-2009), matthew1111 (11-23-2009), micnchris (11-27-2009), reaves205 (11-23-2009)

  3. #2
    iPhone? More like MyPhone madczech's Avatar
    Join Date
    Dec 2007
    Location
    Zürich
    Posts
    259
    Thanks
    21
    Thanked 53 Times in 42 Posts

    lucky I dont live in the netherlands!

  4. #3
    For the love of gawd! n00bs: Change your effing root password!!

    @Meesany: You should put info on how to change the default password in the first post, n00bs need to be spoon fed.
    And it will be like a taco inside a taco within a Taco Bell that's inside a KFC that's within a mall that's inside your dream! Springboard screwy after reboot? Here is the fix

  5. The Following User Says Thank You to Imahottguy For This Useful Post:

    whereswaldo (11-23-2009)

  6. #4
    iPhone? More like MyPhone madczech's Avatar
    Join Date
    Dec 2007
    Location
    Zürich
    Posts
    259
    Thanks
    21
    Thanked 53 Times in 42 Posts

    Quote Originally Posted by Imahottguy View Post
    For the love of gawd! n00bs: Change your effing root password!!

    @Meesany: You should put info on how to change the default password in the first post, n00bs need to be spoon fed.
    True that!

    Or just uninstall openssh!!

  7. #5
    MMi Staff Writer Michael Essany's Avatar
    Join Date
    Aug 2009
    Location
    Valparaiso, Indiana
    Posts
    3,850
    Thanks
    17
    Thanked 1,481 Times in 567 Posts

    @Imahottguy Thanks! I've put in a link.

  8. The Following 2 Users Say Thank You to Michael Essany For This Useful Post:

    cbgaines (11-23-2009), mixi92 (11-23-2009)

  9. #6
    iPhone? More like MyPhone mixi92's Avatar
    Join Date
    Sep 2007
    Location
    US/RP
    Posts
    115
    Thanks
    12
    Thanked 32 Times in 25 Posts

    Quote Originally Posted by Imahottguy View Post
    For the love of gawd! n00bs: Change your effing root password!!

    @Meesany: You should put info on how to change the default password in the first post, n00bs need to be spoon fed.
    Got it on...see post...instruction also in cydia...

    2nd Worm hit Jailbroken iPhones

    Quote Originally Posted by Messany View Post
    @Imahottguy Thanks! I've put in a link.
    Thanks Messany...hope everyone would change their password.
    Last edited by mixi92; 11-23-2009 at 07:01 AM. Reason: Automerged Doublepost

  10. #7
    Livin the iPhone Life CaptainChaos's Avatar
    Join Date
    Sep 2008
    Location
    In a van down by the river
    Posts
    4,826
    Thanks
    553
    Thanked 515 Times in 427 Posts

    Yet another convincing piece of evidence that Apple can use against jailbreaking in the upcoming hearings. Great.

  11. The Following User Says Thank You to CaptainChaos For This Useful Post:

    JailbrokeniPodKing (11-23-2009)

  12. #8
    Noob question, But this work if you dont have SSH installed? or is the root and alpine set by default as soon as you jailbreak?

  13. #9
    Livin the iPhone Life CaptainChaos's Avatar
    Join Date
    Sep 2008
    Location
    In a van down by the river
    Posts
    4,826
    Thanks
    553
    Thanked 515 Times in 427 Posts

    If you don't have ssh installed then you don't have to worry about it. The benefits of having it though are why it will always be on my phone.

  14. The Following User Says Thank You to CaptainChaos For This Useful Post:

    jalexis4192 (11-23-2009)

  15. #10
    It's as simple as this.... if you know how to and have Jailbroken your phone you SHOULD know how to change your root password. Pure laziness and it's there fault to get infected.

  16. #11
    Quote Originally Posted by CaptainChaos View Post
    If you don't have ssh installed then you don't have to worry about it. The benefits of having it though are why it will always be on my phone.
    I know, but i just use it maybe once to get my theme on phone, and to get the tethering hack, after that, its pretty much useless to me, Since i dont switch themes every 5 seconds like some people do, dont use dTunes or anything either so yeah.

  17. #12
    Livin the iPhone Life CaptainChaos's Avatar
    Join Date
    Sep 2008
    Location
    In a van down by the river
    Posts
    4,826
    Thanks
    553
    Thanked 515 Times in 427 Posts

    True, but if your phone gets stuck at the bootlogo and you don't have ssh then your only option is to restore.

  18. #13
    Livin the iPhone Life
    Join Date
    Aug 2008
    Location
    New York
    Posts
    1,023
    Thanks
    3
    Thanked 78 Times in 63 Posts

    These aren't that complex of "Worms". Any basic programmer can write a walking script that simply:

    1) Try SSH to IP
    2) Login as root/alpine
    3) Replace hosts file with bad one
    4) Try SSH to next IP.

  19. #14
    Livin the iPhone Life tudtran's Avatar
    Join Date
    Sep 2007
    Location
    Foco, Colorado
    Posts
    1,004
    Thanks
    4
    Thanked 39 Times in 30 Posts

    MTF. leave other people **** alone.

  20. #15
    What's Jailbreak?
    Join Date
    Jun 2009
    Location
    Brooklyn NY
    Posts
    18
    Thanks
    1
    Thanked 7 Times in 2 Posts

    TO ALL : Please just change the root password and thats it its not that hard just click on this link and it will show you step by step on how to do it ..

    How To Change the iPhone’s Root Password | Just Another iPhone Blog

    Dont forget to hitt the " thanks " if it helped you .

  21. The Following 5 Users Say Thank You to marko911 For This Useful Post:

    asidrave (11-23-2009), cbgaines (11-23-2009), darwina (11-23-2009), fidosam (11-23-2009), Michael Essany (11-23-2009)

  22. #16
    Its simple to avoid. Just change the password from alpine to whatever you want. Issue resolved. I can't live without ssh so its a no brainer.

  23. #17
    Has anyone had the thought that maybe Apple are behind these "attacks" to scare people away from jailbreaking?

  24. #18
    iPhone? More like MyPhone hancoma's Avatar
    Join Date
    Oct 2009
    Location
    Austin Texas
    Posts
    129
    Thanks
    14
    Thanked 15 Times in 8 Posts

    What is this, the 3rd 'worm' in as many weeks due to this issue?
    I cannot believe this is still occurring. Seriously, once I used Cyberduck with SSH, that was the first thing I changed.

    I think this is the result of a lot of people simply doing 'cool' things on their phone and do not really understand the ramifications of leaving ANY passwords in default...
    I believe this will only get worse as JB becomes more mainstream.

    WOW!!

  25. #19
    Isn't it, really, "You are, Number 6"? Oops, I gave it all away.

    You know, for us Mac-ies, there are other ways to access files. I use iFuntastic, I ain't 'fraid of no worm!

  26. #20

Page 1 of 3 123 LastLast
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •