iPhone Hack Attacks Could Define 2010

**Michael Essany** · 12-30-2009, 07:28 AM

Roel Schouwenberg, a senior malware researcher at Kaspersky Lab Americas, is presenting a startling prediction for 2010. As highlighted today on 24/7 Wallstreet, Google Wave, the iPhone and Android could sustain heavy cyber attacks next year.

Schouwenberg predicts that hackers will make major assaults on the Apple iPhone and handsets running the Google Android operating system beginning in 2010. “The first malicious programs for these mobile platforms appeared in 2009, a sure sign that they have aroused the interest of cybercriminals.”

Although the iPhone could face substantial threats, Schouwenberg postulates that Google Wave will probably be the biggest target of cyber criminals. And he says attacks will "no doubt" follow a familiar pattern - spam will be sent, phishing attacks will be attempted, and then the exploiting of vulnerabilities will take place as malware spreads deeper into once "safe territory."

Software security has become a multi-billion industry, particularly protecting Microsoft products. McAfee (NYSE:MFE) and Symantec (NASDAQ:SYMC), the two largest software security companies, had $8 billion in revenue between them last year. But, the PC and server worlds are still awash in spam, phishing attacks, and malware problems. The best that can be said about the two software security firms and their competitors is that the problems are not worse than they are already.

Strangely enough, Schowenberg says the competition among search engines like Google, Microsoft Bing, and Yahoo will heavily contribute to the rise in "cyber terrorism" in the months and years to come. As the search engines endeavor to incorporate Facebook and Twitter posts in search results, cyber criminals will have an easier time deploying "phishing scams, banking Trojans and cutting-edge intrusions."

Even though Schouwenberg may be a little too "gloom and doom" for most, it stands to reason that as smartphones and mobile technologies become more sophisticated, so too will the hackers and their devious plots to exploit vulnerabilities - of which there are obviously more today than ever.

That still leaves one of the primary purposes for malicious hacking which is simply to cause chaos. A software expert decides to disrupt a large technology ecosystem because he can. As Alfred said in the Batman movie “The Dark Knight”, “… some men aren’t looking for anything logical, like money. They can’t be bought, bullied, reasoned or negotiated with. Some men just want to watch the world burn.” The iPhone OSX and Android operating systems are vulnerable because they are popular and there may not be any comprehensive defense against that.

Image via TechDigest

**battlecrushr** · 12-30-2009, 07:31 AM

Wow. Guess I need fond out how to use firewall ip

**jdys_1991** · 12-30-2009, 07:36 AM

I got exactly the same keyboard as in the first post!

**luvmytj** · 12-30-2009, 07:58 AM

Originally Posted by jdys_1991

I got exactly the same keyboard as in the first post!

So why are you wearing the mask & gloves? LOL

**brianlg** · 12-30-2009, 08:06 AM

Originally Posted by battlecrushr

Wow. Guess I need fond out how to use firewall ip

Will this help? I need to get it if soo

**nrowensby** · 12-30-2009, 08:11 AM

Originally Posted by jdys_1991

I got exactly the same keyboard as in the first post!

Me too... at least at work, I do

**Peemcgee** · 12-30-2009, 08:12 AM

"Wow. Guess I need fond out how to use firewall ip"

i second that

**tudtran** · 12-30-2009, 08:45 AM

F**kers.

**JAG2621** · 12-30-2009, 09:59 AM

They are just saying attempts will be made but not how they will be made. We will have to wait and find that out when the time comes but the first thing to do is change the root password on your iPhone. Firewall IP will be a good app to help defend the threats also. But as stated in the case of the Rick Astley worm and open ssh changing the root password is a must!

To change root password,

1: Install MobileTerminal Package
MobileTerminal Package

2: Run MobileTerminal

This program will be on your SpringBoard called "Terminal".

3: Obtain Administrator Access

Run "su root" and provide the root password. The default password as provided by Apple is "alpine".

4: Change the root Password

Run "passwd" and type in your new password twice. Please note that your keypresses will not be displayed on the terminal screen (for security).
iPhone:~ root# passwd
Changing password for root.
New password:
Retype new password:
iPhone:~ root#

**kevin.e.white** · 12-30-2009, 10:38 AM

thanks jag, opening terminal as i type.

**jayson9** · 12-30-2009, 10:40 AM

Originally Posted by JAG2621

They are just saying attempts will be made but not how they will be made. We will have to wait and find that out when the time comes but the first thing to do is change the root password on your iPhone. Firewall IP will be a good app to help defend the threats also. But as stated in the case of the Rick Astley worm and open ssh changing the root password is a must!.........

Then (or) turn off SSH using SBSettings........

**battlecrushr** · 12-30-2009, 10:42 AM

But in some cases havin ssh on all the time I's positive

**kevin.e.white** · 12-30-2009, 10:43 AM

i forget almost all the time to turn it off.

**ifonemaniac** · 12-30-2009, 10:49 AM

Originally Posted by Messany

As Alfred said in the Batman movie “The Dark Knight”, “… some men aren’t looking for anything logical, like money. They can’t be bought, bullied, reasoned or negotiated with. Some men just want to watch the world burn.”

Quoting a quote there. The men that can't be bought, bullied, reasoned or negotiated with... are the men that need to be killed.

**JAG2621** · 12-30-2009, 11:01 AM

Originally Posted by jayson9

Then (or) turn off SSH using SBSettings........

Just don't forget! But if you change the root password it does not matter!

**plcrules** · 12-30-2009, 12:57 PM

the sad thing is that they could use the same exploits needed 2 jailbreak so apple will boost up security and win we finally figure out how 2 jailbreak more viruses

**skeels** · 12-30-2009, 02:29 PM

Don't forget to change the mobile password too
1) type passwd at mobiletermianl and change (you'll have to type alpine as old password).
This is often overlooked - you're data is all owned and accessible by the "mobile" user. (Which is why the RockApp prompts you for this change as many users don't know about the security compromise by not changing this passwd).

**thecritter** · 12-30-2009, 03:05 PM

I agree with shutting off SSH through SBSettings or whatever you have. If you can brute force SSH normally, I'm sure it can be done to an iPhone. Yes, changing the password will help, but I'm sure there will be a way to bruteforce the password if someone really really wants to. So, just shut it off.

safest thing to do.

**BecomingxInsane** · 12-30-2009, 03:40 PM

Back when I had my 3G, I never had SSH installed. When I went into my file system it was easiest to do via USB. Wasn't really aware people used SSH more. Glad I don't have to worry about iPhone hacks anymore though. Haha.

**thecritter** · 12-30-2009, 03:51 PM

Lol, SSH isn't the only way someone could attack the iPhone. I'm sure there are other exploits that can be done over the network without having to go through SSH. If it can be done, it will be done. haha. IMO it would be sick if someone made something that monitored all incoming and outgoing connections and asked the users permission to allow or deny those connections. Or is that what Firewall IP does? (haven't used it). So... if iPhone attacks really do get serious, just turning off SSH probably won't help that much. but hopefully they don't get that far

Thread: iPhone Hack Attacks Could Define 2010

LinkBack

Thread Tools

Display

iPhone Hack Attacks Could Define 2010

The Following User Says Thank You to Michael Essany For This Useful Post:

The Following 5 Users Say Thank You to JAG2621 For This Useful Post:

Posting Permissions