First Malicious iPhone Worm In the Wild 135
An anonymous reader writes "After the ikee worm that displayed a picture of Rick Astley on jailbroken iPhones, the first malicious iPhone worm (Google translation; original, in Dutch) has now been discovered in the wild. Internet provider XS4ALL in the Netherlands encountered several of such devices (link in Dutch) on the wireless networks of their customers and put out a warning. After obtaining a copy of the malware it was discovered that the jailbroken phones, which are exploited through openSSH with a default password, scan IP ranges of mobile internet providers for other vulnerable iPhones, phone home to a C&C botnet server, are able to update themselves with additional malware and have the ability to dump the SMS database as well. Owners of a jailbroken iPhone with a default root password are advised to flash to the latest Apple firmware in order to ensure no malware is present."
Oh, Dutch... (Score:1, Interesting)
I love it.
So the only phones at risk are the jailbroken (jailbreaked?) ones?
You'd think the thing to do would be to incorporate a password-changing tool into the jailbreaking tools somehow, so users have to select something other than the default one.
Wait a second? (Score:4, Interesting)
>to the latest Apple firmware in order to ensure no malware is present."
If they flash to the latest apple firmware, will they be able to
Most importantly - will they be able to jailbreak the device after the update?
I see a future where Apple, the RIAA, and others might wish to write worms to help prevent people from hacking their devices or brick devices that have been "hacked".
What, a worm on a platform with no market share? (Score:2, Interesting)
Doesn't this (finally) put to bed the notion that there are virtually no worms or viruses for Mac OS X simply because hackers don't want to waste their time on a platform with so little market share? The platform targeted by the hackers in this case -- jailbroken iphones running a particular service -- is a fraction of the installed base of Mac OS X computers. It seems that hackers (naturally) select their targets primarily based on ease of exploit -- jailbroken iphones with SSH installed with a default password, for instance, or Microsoft Windows -- than on market share, since any of these platforms still provides tens of millions of potential targets.
I think it's also important to note that the security of Mac OS X extends to the iPhone as well; hackers are apparently unable to successfully compromise the much larger installed base of iPhones, having to content themselves with the much smaller population that has been jailbroken (read, "security compromised").
Re:Excessive? (Score:3, Interesting)
No reason ordinary folk shouldn't be allowed to enjoy the benefits of an un-crippled, unrestricted phone.
It's these same people who don't care if their Windows machine is full of viruses from opening their firewall since it was "inconvenient." With these people, a botnet of iPhones is just a matter of time.
Jailbreaking and Unlocking - they're different (Score:3, Interesting)
Being only able to buy the iPhone here in the US as a carrier-locked phone - that's wrong and sucks. But sadly that's the rule here because of the deal Apple has with AT&T. May it expire soon, even though the only other national GSM carrier is T-Mobile and they have an even smaller footprint. It'd be nice to take an iPhone out of the country and get a local SIM without having to use your AT&T account.
Of course, that carrier lock is also why the iPhone costs $200 instead of about $600 or so - the carrier subsidy that AT&T pays Apple for it keeps you from having to pay all the money up front.
Jailbreaking, though, is a different story. Anyone who wants to jailbreak their iPhone should feel free to do so and run whatever they want. But if you go to the trouble to bypass Apple's application security model you get what you get. Not Apple's fault.
But things like this worm make me understand that much more why Apple works to plug the holes that jailbreak tools keep exploiting. We may not all like that we're restricted to getting apps from the App Store, but on the other hand the iPhone isn't sold as a tool for personal freedom. It's sold as a phone that runs apps that you get from Apple. Period.
There's other phones that are marketed as "freedom phones". If people want that above all else, they should buy a phone with the appropriate OS and not an iPhone.
Ultimately, I hope Apple opens up the App Store further and simply reviews apps to answer just a couple of questions:
1 - Does the app do anything that expressly isn't allowed by carrier contracts?
2 - Does it break the published development rules?
If it doesn't, then it ought to be published, period. For instance, now that AT&T stated that VoIP would now be allowed on their network, all the Google Voice apps and Skype should immediately be approved and put out for 3G usage. Because those apps don't break guidelines and are now allowed by the carrier.
But even if they eliminated all restrictions short of that, the App Store will never be the free market that jailbreakers want to have. So get another phone. I hear you can run anything you want on Windows Mobile.
(why you'd want to may be another story...)