Sunday, November 29, 2009

Another malicious worm jumps on jailbroken iPhone

A latest detected worm targeted jailbroken iPhone can allow hackers to control the phone from remote terminal. The worm could plague the illegally modified (jailbroken) iPhone by spreading through the Wi-Fi network with iPhones sharing the same Wi-Fi spot. It is reported that the worm only affects jailbroken iPhone, because the user modifies the phone system to allow for unauthorized code execution.

Users jailbreak their iPhone in order to install some cool applications from third-party developers, applications that are usually not approved by Apple. Some immoral authors would sneak harmful codes or Trojans in the seemingly safe application to exploit the loopholes. Since the iPhone's security measures are disabled after jailbreak, the phone is very vulnerable to security breach in a circumstance that user may not be aware of.

Similar offenses have been revealed before. Ikee, which behavior is employed by this latest unnamed worm but not malicious, only changes the wallpaper on affected iPhone to a picture of 1980s pop star Rick Astley, who sang the 1987 hit "Never Gonna Give You Up." The prediction over a new stronger morph of Ikee coming on heel is now completely proven. This morph comes with botnet functionality that will hand over the phone control to the hacker on the remote side beyond the user's consciousness.

Fortunately, the worm for the moment only knocks down iPhones that has SSH installed and default password "alpine" unchanged. Those who get infected are living in Netherlands and bank with ING Direct. But anti-virus experts voiced the possibility that this worm could spread to other regions.

The only safe solution is not to let your iPhone run unauthorized codes. With more hackers exploiting loopholes by taking advantage of unauthorized code, the future worms or Trojans on iPhone will become more and more difficult to detect and isolate. Experts suggest that user should upgrade their iPhone OS to date and not jailbreak their iPhone if they don't necessary need to.

No comments:

Post a Comment