BEWARE of Veency, Argentina trying to hack iphones

[drunix]

Some of my friends have been getting insistent connection attemps to the iphone via vency, even behind strong corporate firewalls, and my country''s superclosed gprs network w/ dynamic dns.

that means veency is calling somewhere, home maybe? or its broadcasting.... hey everyone... I am here.... WTHeck!!????

this is the address..... maybe its dinamic but is where the connection attemps are comming from

64 bytes from 190.137.199.69: icmp_seq=8338 ttl=113 time=230.857 ms
64 bytes from 190.137.199.69: icmp_seq=8339 ttl=113 time=232.889 ms
64 bytes from 190.137.199.69: icmp_seq=8340 ttl=113 time=234.327 ms
64 bytes from 190.137.199.69: icmp_seq=8341 ttl=113 time=233.465 ms
64 bytes from 190.137.199.69: icmp_seq=8342 ttl=113 time=231.758 ms
64 bytes from 190.137.199.69: icmp_seq=8343 ttl=113 time=226.746 ms
64 bytes from 190.137.199.69: icmp_seq=10088 ttl=49 time=241.502 ms
64 bytes from 190.137.199.69: icmp_seq=10089 ttl=49 time=240.887 ms
92 bytes from host69.190-137-199.telecom.net.ar (190.137.199.69): Destination Host Unreachable
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 5400 01cf 0 0000 2d 01 4460 192.168.1.3 190.137.199.69

92 bytes from host69.190-137-199.telecom.net.ar (190.137.199.69): Destination Host Unreachable
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 5400 4aba 0 0000 2d 01 fb74 192.168.1.3 190.137.199.69

92 bytes from host69.190-137-199.telecom.net.ar (190.137.199.69): Destination Host Unreachable
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 5400 e5f1 0 0000 2d 01 603d 192.168.1.3 190.137.199.69

92 bytes from host69.190-137-199.telecom.net.ar (190.137.199.69): Destination Host Unreachable
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 5400 67fb 0 0000 2d 01 de33 192.168.1.3 190.137.199.69

92 bytes from host69.190-137-199.telecom.net.ar (190.137.199.69): Destination Host Unreachable
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 5400 3fd4 0 0000 2d 01 065b 192.168.1.3 190.137.199.69

[leorimolo]

No entiendo mae! Decis que alguien te esta tratando de hackear el iphone?
salu2 de escazu

I don't get what he means with Vency tho. I can see something is broadcasting.

[star242]

Didn't take much to find out... seems to be the telecom service pinging the phones... just pinging and that's all it seems. Here is the name and contacts in the company included in the following data on the IP address.

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2009-02-10 17:17:49 (BRST -02:00)

inetnum: 190.137.198/23
status: reallocated
owner: Apolo -Gold-Telecom-Per
ownerid: AR-APGO-LACNIC
responsible: Aseguramiento de Datos
address: Dorrego, 2520, piso 3�
address: 1425 - Capital Federal -
country: AR
phone: +54 11 4968-7975 []
owner-c: ADA
tech-c: ADA
abuse-c: ADA
created: 20070905
changed: 20070905
inetnum-up: 190.137/16

nic-hdl: ADA
person: Administrador Abuse
e-mail: [email protected]
address: Dorrego, 2520, Piso 7
address: 1425 - Buenos Aires -
country: AR
phone: +54 11 4968 [4900]
created: 20030211
changed: 20081010

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.

[infierny]

I have been receiving this connection attempts warnings too. At first I thought it was AT&T just pinging my phone cause the IP address was from the USA in Kansas but later on I got more of these requests so I decided to investigate.

So far I've received connection attempts from: China, Brazil, USA and Argentina.

This is the last IP it came from:187.6.55.53

I live in the USA and there is no way this is just a ping from the Telco. Has anybody got further information regarding this?