The Black Vault Message Forums

Discover the Truth!        

Information Technology / Computer Talk

First iPhone Worm Targets Jailbroken iPhones [WARNING]

A forum where you can view tech and computer related articles and exchange tips and advice. Need help with a computer problem? This is the forum for you!

Postby rath » Fri Nov 27, 2009 5:52 am

If you’ve got a jailbroken iPhone, listen up: a worm is reported to have broken out in Australia that targets owners who have not changed the default password after installing SSH.

The worm’s behavior is somewhat amusing: it changes your background to a photo of Rick Astley, then looks for other phones on the network to infect. That said, the exploit could easily be used by hackers with malicious intent for more nefarious purposes.

If you have a jailbroken iPhone and you’ve installed SSH without changing the default password (from “alpine”) you need to do so to avoid such attacks. If you have not jailbroken your iPhone or iPod Touch and installed SSH, you are not affected.

Sophos writes of the exploit:

SophosLabs is analysing the worm’s code, which suggests that at least four variants have been written so far. One of the attributes of the latest variant (labelled the “D” version) is that it tries to hide its presence by using a filepath suggestive of the Cydia application.

The source code is littered with comments from the author suggesting the worm has been written as an experiment. One of the comments berates affected users for not following instructions when installing SSH, because if they had changed the default password the worm would not have been able to infect them.

You have been warned!
Posts: 4344
Joined: Thu Apr 09, 2009 11:54 am

Postby rath » Fri Nov 27, 2009 5:55 am

iPhone Worm Creator Hired as Developer

, Nov 27, 2009 1711 hrs IST

First jailbroken iPhone worm creator will now develop apps for iPhone
E-Mail Print

Just like Michael 'Mikeyy' Mooney, the Twitter Worm creator got lucky by getting hired, now first jailbroken iPhone worm creator Ashley Towns aka "ike_x" got a job as iPhone Developer. Recently, Towns had alarmed the jailbroken iPhone owners with first iPhone worm. The first worm created by exploiting the loop hole in iPhone OS surely grabbed attention of employers.

Ashley Towns aka ikeeex on Twitter tweeted that he got a job as iPhone Developer. Graham Cluley, security analyst at Sophos Labs, once again criticized this development just like he did in Mooney's case. Cluley pointed out, in the blog post, that the first iPhone worm lead to creation of a new dangerous worm that steals financial information from iPhones and iPod Touch.

Towns will be joining Mogeneration, an iPhone App development company based in Australia.

It is indeed surprising to see the overnight hiring of the worm creator whose prank must've bothered thousands. These young folks exploit the loopholes in the codes of websites or software and then grab attention.

And now, with Town getting hired, several other teenagers may get into such nefarious activities to get money or to be hired by some development company.

Not always one can expect to be rewarded for pointing a loophole and high chances of getting behind bars always exist. Finding and reporting loopholes should be encouraged by companies of the affected product rather than letting some third party reap its benefits.
Posts: 4344
Joined: Thu Apr 09, 2009 11:54 am

Return to Information Technology / Computer Talk

  • View new posts
  • View unanswered posts
  • Who is online
  • In total there is 1 user online :: 0 registered, 0 hidden and 1 guest (based on users active over the past 10 minutes)
  • Most users ever online was 292 on Mon Apr 23, 2012 3:19 pm
  • Users browsing this forum: No registered users and 1 guest