Monday, November 23, 2009

Third iPhone worm targets jailbroken iPhones in Europe, Australia

Another week, another worm hitting jailbroken iPhones. As with the previous exploits, which Rickrolled your phone’s wallpaper and stole your data, this nasty piece of work burrows its way into your jailbroken device if you haven’t changed the password for the iPhone’s root account—you have changed your root password, right? Right?

A source who’s seen the worm in the wild tells Macworld that, after compromising the phone, the worm goes on to replace the phone’s copy of the SSH remote login software, changes the root password (so you can’t stop the worm without wiping the phone), skims your SMS database, checks in with its Lithuania-based overlords via the network, and then starts running a piece of software that searches for other vulnerable phones on both the local network and known IP address ranges of specific Internet Service Providers (mostly European). Somebody should have told the worm that nobody likes overachievers.

No comments:

Post a Comment