Malicious worm targets jail-broken iPhones
Phil Muncaster
Users of jail-broken iPhones are being warned of yet another piece of malware after the discovery over the weekend of a worm with the ability to steal online banking credentials.
The new ‘Duh’ malware is likely to be based on the original Ikee worm which was spread a couple of weeks ago by a young hacker in Australia. Both target jail-broken iPhones with OpenSSH installed and the default password intact.
However, security experts have warned that its characteristics are much more malicious, and that hackers are likely to continue to propagate such malware if they can make money from it.
“It is much more serious than Ikee because it is not limited to infecting iPhone users in Australia, and communicates with an internet ‘control and command’ centre, downloading new instructions and effectively turning your iPhone into part of a botnet,” said Sophos senior technology consultant Graham Cluley.
“Furthermore, it appears to be designed to steal information from users of online banking services.”
Cluley’s colleague at Sophos, Chester Wisniewski, added that the worm appears to be attacking IP ranges from a larger range of internet service providers. He recommended users to restore their phones to the Apple-supplied firmware, or think about choosing a different phone.
“If you want freedom of application choice, perhaps you should consider an Android-based phone rather than hacking your device into a potentially insecure state,” he said in a blog post.
“This further demonstrates that iPhones are not ready for the business environment. Apple has made a great effort at preventing people from cracking into their software and unlocking/jail-breaking their devices, but where there is a will, there will always be a way.”
