New iPhone Virus

Sophos, a security company in the field of IT warned of new virus that attacks the iPhone. This virus is most dangerous to date, because it makes an infected iPhone becomes zombies and incorporate them into the botnet.

This virus changes Wallpaper’s victims become a pop star image in the 1980s Rick Astley. This new iPhone worm (informally called a "duh" or "Ikee.B" by Security Researchers) was reported spreading in the wild in the Netherlands, designed to upload banking information to the server in Lithuania and to follow orders from a remote hacker. The "Duh" worm hunts for the iPhone vulnerable to a broader range of IP ranges from Ikee, who only ever reported in Australia. "Duh" including IP ranges in several countries, including the Netherlands, Portugal, Australia, Austria, and Hungary.

"This latest iPhone malware is doubly criminal. Not only does it break into your iPhone without permission, but it also cedes control of your phone to a botnet command server in Lithuania," said Graham Cluley, senior technology consultant at Sophos "That means your iPhone has just been turned into a zombie, ready to download and to perform any commands the cybercriminals might want in the future. If infected, you have to consider all of the data that passes through your iPhone compromised."

Further, Sophos reports that "Duh" changes the password on your iPhone - meaning that cybercriminals know what it is but infected users don't, allowing criminals to log back into your iPhone later. However, Sophos expert Paul Ducklin managed to recover the password - revealing that infected users can login as root with the password 'ohshit'.

"Apple's default root password - 'alpine' - on the iPhone breaks two fundamental rules - it's both a dictionary word and well-known. This doesn't matter for most iPhone users, as they haven't jailbroken their iPhones and installed SSH to allow remote access - but the new worm will break in and immediately change it. This change is made by directly editing the encrypted value of the password in the master password file, so that the new password is never revealed," explained Paul Ducklin, head of technology in Sophos Asia Pacific. "This password-changing represents an additional risk, as it means that cybercriminals now know what your password is - allowing them to log back into your iPhone later - but you don't, so you cannot login and eliminate the virus."

Sophos strongly recommends that all users of jailbroken phones change their passwords from 'alpine' immediately to avoid further attacks.

Huh, be careful... an invisible activity is going to your iPhone...
Adopted from infozine

No comments:

Post a Comment