New Malware Affects Jailbroken iPhones
- 12 November, 2009 08:40
- Comments
Late last week, an Australian hacker dubbed ikee deployed the Rickrolling worm - a harmless and humorous worm that installs a picture of 80s one hit wonder Rick Astley to affected users' home screens. Rickrolling serves not so much as malware but as a warning to jailbreak users who have installed SSH in order to gain root access to their iPhone's file system from the internet but have neglected to change the default password, even though not doing so is clearly warned against in the installation documentation.
To the few users yet to heed the warning presented by ikee, it might be a good time to go ahead and change that password. Security firm, Intego, has reported the discovery of a much more harmful piece of malware that affects jailbroken iPhones and permeates in the same fashion as the Rickrolling worm.
Once again exploiting the fact that many users who install SSH on their iPhones fail to change the default password, the iPhone/Privacy.A worm quietly copies personal information from an afflicted device and spreads itself to other unsecured iPhones on the same network. Unlike Rickrolling, which announces itself by changing the wallpaper, this worm gives no indication when a device has been infected. Since an unchanged SSH password grants root file system access, iPhone/Privacy.A has the potential to access any file stored on an affected iPhone- including, but not limited to e-mails, text messages, photos, music, videos and calendars.
This news shouldn't be read as a chastisement of jailbreaking but rather a reminder to use common sense. Especially when it comes to installing hackish software, know what you're getting yourself into, and always read the docs.
A Quick Guide To Changing Your Default Password:
1) Install Mobile Terminal
If you haven't done so already, install Mobile Terminal from the Cydia store.
2) Open and Login
Open the Mobile Terminal app. At the prompt, type "su" to login to root. Now type the default password, "alpine".
3) Change the Default Password
Once logged in, type "passwd" (the UNIX command to change the password of the current user). Now type the password you wish to change it to (please, anything but "alpine"). Re-type it when prompted. Don't forget your password!
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Bookmark this page
- Share this article
- Got more on this story? Email CIO
- Follow CIO on twitter
- Stopping Fake Antivirus: How to Keep Scareware off Your Network
- IDC Whitepaper: Generating Proven Business Value with EMC Next-Generation Backup and Recovery
- 10 Essential Steps to Web Security
- Transforming Your Business by Transforming Your Processes
- The Big Six: The CIO Executive Council’s Frameworks for IT Value and Leadership
-
Face Time - Interview with John Brennan and Robert DiStefano
-
Face Time - Interview with John Brennan and Robert DiStefano
-
Phones are distractions during catch-ups
-
Google's Sidewiki lets people post comments about Web pages
-
Leaving your job? Take your data with you
-
The Case for Real-Time Networking
CIOs are facing several powerful trends and inflection points that are defining the new IT landscape, including cloud computing, virtualization, the consumerization of IT, smart computing, and communications to collaboration. Taken individually, each one of these trends will have significant ripple effects throughout the planning and operations of IT network infrastructure. In aggregate, they will have an even more dramatic impact on the way that future network architectures need to be planned and designed. Read on. -
Oracle SOA vs. IBM SOA - Customer Perspectives on Evaluating Complexity and Business Value
The Service-Oriented Architecture (SOA) model has become the cornerstone of business computing. Its ability to greatly accelerate the development of business-critical applications promotes business agility, decreases time-to-value and total cost of ownership (TCO), and greatly increases the efficiency and strategic value of IT. SOA implementations tend to be complex, IT decision makers should carefully consider their choice of a SOA platform in terms of its ability to simplify the fundamental development, deployment, and management tasks involved. Read on. -
A buyer’s guide to application lifecycle management (ALM) solutions
This buyer's guide describes the key criteria for application lifecycle management (ALM) solutions for today's high-performance teams. It includes key considerations for enhancing your single- or multi-vendor ALM environment.
-
Office 2007 All-In-One Desk Reference for Dummies
-
Microsoft Office
-
Windows 7 for Dummies®
-
MYOB Software for Dummies 6E Australian Edition
-
Excel 2007 All-In-One Desk Reference for Dummies
-
Teach Yourself Visually Windows 7
-
Office 2007 for Dummies
-
Windows 7 for Dummies® Dvd+book Bundle
-
Computers for Seniors for Dummies, 2nd Edition
Get exclusive access to Invitation only events CIO, reports & analysis. 
Comments
Post new comment