+ Reply
Page 1 of 3 123 LastLast
Results 1 to 20 of 57

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Malicious Worm Takes Aim at Jailbroken iPhones

is a discussion within the

iPhone News

forums, a part of the

General iPhone

section;
There's a new worm on the radar. And, this time, it's a bit more nefarious than anything Rick Astley could have ever imagined himself. The worm is the first malicious
...
  1. #1
    MMi Staff Writer Michael Essany's Avatar
    Join Date
    Aug 2009
    Location
    Valparaiso, Indiana
    Posts
    3,721
    Thanks
    17
    Thanked 1,479 Times in 565 Posts

    Default Malicious Worm Takes Aim at Jailbroken iPhones



    There's a new worm on the radar. And, this time, it's a bit more nefarious than anything Rick Astley could have ever imagined himself.

    The worm is the first malicious infestation to hit the iPhone, the first merely displaying a picture of 1980's crooner Rick Astley - although music lovers might claim that was pretty malicious as well.
    According to a boatload of media outlets covering the news today, a second worm to hit the iPhone has been detected by security company F-Secure. And, says TG Daily, for now, the worm has set its sights on people in the Netherlands who use their iPhones for internet banking with Dutch online bank ING Direct.

    In other words, this worm isn't just for "fun." There is an obvious financial motive behind this newly discovered attack.

    The worm attacks jailbroken phones and sneakily redirects bank customers to a cloned, look-alike site prompting one to enter their username and password. Naturally, the bank is now frantically trying to get the word out to customers in a hurried fashion.

    Unfortunately, it isn't yet clear just how many iPhones may be infected. Once thought to be merely in the hundreds, it's now more likely that the number has increased into the thousands. As warned by F-Secure, the aforementioned worm can recruit iPhones to a botnet and skip around among phones currently sharing the same wi-fi hotspot.

    "It's the second iPhone worm ever and the first that's clearly malicious - there's a clear financial motive behind it," says F-Secure research director Mikko Hyponen."It's fairly isolated and specific to Netherlands but it is capable of spreading."
    For now, fending off the worm involves some pretty basic steps. For example, jailbroken phone owners are strongly encouraged to revise their SSH password from the default '"Alpine" to help evade the worm.

    To help spread the word and not the worm, F-Secure is endeavoring to publish as many known details as possible of the worm. You can check out their official blog originating from Lithuania by clicking here.

    Image via Mobile Castle
    Last edited by Michael Essany; 11-23-2009 at 12:40 PM.

  2. The Following 6 Users Say Thank You to Michael Essany For This Useful Post:

    JailbrokeniPodKing (11-23-2009), LEVMAN (11-23-2009), louort3 (11-23-2009), matthew1111 (11-23-2009), micnchris (11-27-2009), reaves205 (11-23-2009)

  3. #2
    iPhone? More like MyPhone madczech's Avatar
    Join Date
    Dec 2007
    Location
    Zürich
    Posts
    259
    Thanks
    21
    Thanked 53 Times in 42 Posts

    lucky I dont live in the netherlands!

  4. #3
    I'm not a star Imahottguy's Avatar
    Join Date
    Jul 2007
    Location
    MI, USA
    Posts
    2,440
    Thanks
    92
    Thanked 164 Times in 143 Posts

    For the love of gawd! n00bs: Change your effing root password!!

    @Meesany: You should put info on how to change the default password in the first post, n00bs need to be spoon fed.
    And it will be like a taco inside a taco within a Taco Bell that's inside a KFC that's within a mall that's inside your dream! Springboard screwy after reboot? Here is the fix

  5. The Following User Says Thank You to Imahottguy For This Useful Post:

    whereswaldo (11-23-2009)

  6. #4
    iPhone? More like MyPhone madczech's Avatar
    Join Date
    Dec 2007
    Location
    Zürich
    Posts
    259
    Thanks
    21
    Thanked 53 Times in 42 Posts

    Quote Originally Posted by Imahottguy View Post
    For the love of gawd! n00bs: Change your effing root password!!

    @Meesany: You should put info on how to change the default password in the first post, n00bs need to be spoon fed.
    True that!

    Or just uninstall openssh!!

  7. #5
    MMi Staff Writer Michael Essany's Avatar
    Join Date
    Aug 2009
    Location
    Valparaiso, Indiana
    Posts
    3,721
    Thanks
    17
    Thanked 1,479 Times in 565 Posts

    @Imahottguy Thanks! I've put in a link.

  8. The Following 2 Users Say Thank You to Michael Essany For This Useful Post:

    cbgaines (11-23-2009), mixi92 (11-23-2009)

  9. #6
    iPhone? More like MyPhone mixi92's Avatar
    Join Date
    Sep 2007
    Location
    US/RP
    Posts
    115
    Thanks
    12
    Thanked 32 Times in 25 Posts

    Quote Originally Posted by Imahottguy View Post
    For the love of gawd! n00bs: Change your effing root password!!

    @Meesany: You should put info on how to change the default password in the first post, n00bs need to be spoon fed.
    Got it on...see post...instruction also in cydia...

    2nd Worm hit Jailbroken iPhones

    Quote Originally Posted by Messany View Post
    @Imahottguy Thanks! I've put in a link.
    Thanks Messany...hope everyone would change their password.
    Last edited by mixi92; 11-23-2009 at 06:01 AM. Reason: Automerged Doublepost

  10. #7
    Livin the iPhone Life CaptainChaos's Avatar
    Join Date
    Sep 2008
    Location
    In a van down by the river
    Posts
    4,823
    Thanks
    551
    Thanked 515 Times in 427 Posts

    Yet another convincing piece of evidence that Apple can use against jailbreaking in the upcoming hearings. Great.

  11. The Following User Says Thank You to CaptainChaos For This Useful Post:

    JailbrokeniPodKing (11-23-2009)

  12. #8
    Green Apple
    Join Date
    Jun 2009
    Location
    Florida
    Posts
    37
    Thanks
    6
    Thanked 0 Times in 0 Posts

    Noob question, But this work if you dont have SSH installed? or is the root and alpine set by default as soon as you jailbreak?

  13. #9
    Livin the iPhone Life CaptainChaos's Avatar
    Join Date
    Sep 2008
    Location
    In a van down by the river
    Posts
    4,823
    Thanks
    551
    Thanked 515 Times in 427 Posts

    If you don't have ssh installed then you don't have to worry about it. The benefits of having it though are why it will always be on my phone.

  14. The Following User Says Thank You to CaptainChaos For This Useful Post:

    jalexis4192 (11-23-2009)

  15. #10
    Green Apple
    Join Date
    Oct 2007
    Posts
    47
    Thanks
    2
    Thanked 4 Times in 2 Posts

    It's as simple as this.... if you know how to and have Jailbroken your phone you SHOULD know how to change your root password. Pure laziness and it's there fault to get infected.

  16. #11
    Green Apple
    Join Date
    Jun 2009
    Location
    Florida
    Posts
    37
    Thanks
    6
    Thanked 0 Times in 0 Posts

    Quote Originally Posted by CaptainChaos View Post
    If you don't have ssh installed then you don't have to worry about it. The benefits of having it though are why it will always be on my phone.
    I know, but i just use it maybe once to get my theme on phone, and to get the tethering hack, after that, its pretty much useless to me, Since i dont switch themes every 5 seconds like some people do, dont use dTunes or anything either so yeah.

  17. #12
    Livin the iPhone Life CaptainChaos's Avatar
    Join Date
    Sep 2008
    Location
    In a van down by the river
    Posts
    4,823
    Thanks
    551
    Thanked 515 Times in 427 Posts

    True, but if your phone gets stuck at the bootlogo and you don't have ssh then your only option is to restore.

  18. #13
    Livin the iPhone Life
    Join Date
    Aug 2008
    Location
    New York
    Posts
    1,023
    Thanks
    3
    Thanked 78 Times in 63 Posts

    These aren't that complex of "Worms". Any basic programmer can write a walking script that simply:

    1) Try SSH to IP
    2) Login as root/alpine
    3) Replace hosts file with bad one
    4) Try SSH to next IP.

  19. #14
    Livin the iPhone Life tudtran's Avatar
    Join Date
    Sep 2007
    Location
    Foco, Colorado
    Posts
    1,001
    Thanks
    4
    Thanked 38 Times in 29 Posts

    MTF. leave other people **** alone.

  20. #15
    What's Jailbreak?
    Join Date
    Jun 2009
    Location
    Brooklyn NY
    Posts
    18
    Thanks
    1
    Thanked 7 Times in 2 Posts

    TO ALL : Please just change the root password and thats it its not that hard just click on this link and it will show you step by step on how to do it ..

    How To Change the iPhone’s Root Password | Just Another iPhone Blog

    Dont forget to hitt the " thanks " if it helped you .

  21. The Following 5 Users Say Thank You to marko911 For This Useful Post:

    asidrave (11-23-2009), cbgaines (11-23-2009), darwina (11-23-2009), fidosam (11-23-2009), Michael Essany (11-23-2009)

  22. #16
    iPhone? More like MyPhone
    Join Date
    Dec 2007
    Posts
    102
    Thanks
    21
    Thanked 11 Times in 6 Posts

    Its simple to avoid. Just change the password from alpine to whatever you want. Issue resolved. I can't live without ssh so its a no brainer.

  23. #17
    Green Apple
    Join Date
    Dec 2007
    Posts
    35
    Thanks
    7
    Thanked 16 Times in 9 Posts

    Has anyone had the thought that maybe Apple are behind these "attacks" to scare people away from jailbreaking?

  24. #18
    iPhone? More like MyPhone hancoma's Avatar
    Join Date
    Oct 2009
    Location
    Austin Texas
    Posts
    129
    Thanks
    14
    Thanked 15 Times in 8 Posts

    What is this, the 3rd 'worm' in as many weeks due to this issue?
    I cannot believe this is still occurring. Seriously, once I used Cyberduck with SSH, that was the first thing I changed.

    I think this is the result of a lot of people simply doing 'cool' things on their phone and do not really understand the ramifications of leaving ANY passwords in default...
    I believe this will only get worse as JB becomes more mainstream.

    WOW!!

  25. #19
    The Dude Abides mr117's Avatar
    Join Date
    Jun 2007
    Posts
    595
    Thanks
    49
    Thanked 100 Times in 74 Posts

    Isn't it, really, "You are, Number 6"? Oops, I gave it all away.

    You know, for us Mac-ies, there are other ways to access files. I use iFuntastic, I ain't 'fraid of no worm!

  26. #20
    Developer n00neimp0rtant's Avatar
    Join Date
    Feb 2008
    Location
    Pittsburgh, PA
    Posts
    1,341
    Thanks
    25
    Thanked 600 Times in 136 Posts

    Oh, the SSH "hacker" sh!t again? Really? This is getting pretty old.

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts